[Bug] Still logged in after logout

[OrPh4ns]

const {logout, user} = useSanctumAuth();

const signout = async () => {
await logout();
current_branch_name.value = null;
current_branch_number.value = null;
current_branch_role.value = null;
}

this is the function to logout but user still logged in after redirect to login page and refresh again

[manchenkoff]

@OrPh4ns do you mean that user variable is not null after logout was called? Because it resets the value in Nuxt state to null and if you have middleware on the page you got redirected to, it won't work with it as authenticated. Page refresh completely resets the state, so if you have your user still logged in, there might be some error during API call. Do you have any error in the console?
You can check the example of logout usage in both playground and breeze-nuxt which work fine and resets the user state.

[OrPh4ns]

@manchenkoff

Yes on logout user became null but on refreshing page all data getting back like XSRF-TOKEN and rest of data.

there is no error in console

[OrPh4ns]

from Telescope showing logout is success

[manchenkoff]

I see @OrPh4ns, thanks for more info. Could you please check if the cookie with a token is also deleted after you logged out?

[OrPh4ns]

@manchenkoff

I think the problem is there, on login it generates a cookie with random name and on logout this cookie still there that why i still logged in on refreshing page. But on deleting manually, logout will successful

[manchenkoff]

Hm, the name of the cookie is hardcoded in the module code as sanctum.token.cookie, and should not be generated randomly as in your screenshot. I will try to investigate!

[manchenkoff]

Hey @OrPh4ns, I couldn't reproduce this behaviour since the token was set correctly with a proper name. So I would need more details for further investigation, especially regarding login functionality.

Please, attach the details according to the template below:

---

Module information

• Version: x.x.x
• Content of your nuxt.config.ts:

// REPLACE WITH YOUR FILE CONTENT!
export default defineNuxtConfig({
    modules: ['nuxt-auth-sanctum'],

    sanctum: {
        baseUrl: 'http://localhost:80',
    },
});

• Content of your app.config.ts:

// REPLACE WITH YOUR FILE CONTENT!
export default defineAppConfig({
    sanctum: {
        // ...
    },
});

Nuxt environment:

• Version: x.x.x
• SSR Enabled: yes / no
• Environment: local / production

Laravel environment:

• Version: x.x.x
• Sanctum installed via Breeze: yes / no
• Checklist completed: yes / no
• What is your session domain in config/session.php: <REPLACE_ME>
• What is your stateful domains in config/sanctum.php: <REPLACE_ME>
• Content of config/cors.php:

<?php
// REPLACE WITH YOUR FILE CONTENT!

return [
    'paths' => ['*'],
    'allowed_methods' => ['*'],
    'allowed_origins' => [
        env('FRONTEND_URL', 'http://localhost:3000'),
    ],
    'allowed_origins_patterns' => [],
    'allowed_headers' => ['*'],
    'exposed_headers' => [],
    'max_age' => 0,
    'supports_credentials' => true,
];

Logs

Please provide module logs that can help to understand the problem.
Make sure to change sanctum.logLevel to 5 in your nuxt.config.ts.
CSR logs can be found in the browser, while SSR logs can be found in the server terminal.

# REPLACE WITH YOUR LOGS!

Code sample

Provide the code sample of your login/logout pages/components in the Nuxt application:

// Code here

[OrPh4ns]

@manchenkoff

[manchenkoff]

thanks for more details @OrPh4ns, but there are some parts still missing

Laravel environment:

• Version: x.x.x
• Sanctum installed via Breeze: yes / no
• Checklist completed: yes / no
• What is your session domain in config/session.php: <REPLACE_ME>
• What is your stateful domains in config/sanctum.php: <REPLACE_ME>

Logs

Please provide module logs that can help to understand the problem.
Make sure to change sanctum.logLevel to 5 in your nuxt.config.ts.
CSR logs can be found in the browser, while SSR logs can be found in the server terminal.

# REPLACE WITH YOUR LOGS!

Code sample

Provide the code sample of your login/logout pages/components in the Nuxt application:

// Code here

[OrPh4ns]

Laravel
Version: 11.33
Sanctum installed via Breeze: no
Checklist completed: yes
What is your session domain in config/session.php: SESSION_DOMAIN=localhost
What is your stateful domains in config/sanctum.php: localhost:3003

log level is 5 but project does not create any log file

[manchenkoff]

log level is 5 but project does not create any log file

it depends on how you configured your environment, if you are running app by npm run dev, then you should have all logs in console output for SSR mode and also you can see all CSR logs in your browser console

[manchenkoff]

What is your session domain in config/session.php: SESSION_DOMAIN=localhost

sometimes it works not very well since localhost is not a TLD, try to comment this setting in .env and restart app/reload configs as well

Also, for token mode you should not use SESSION_DOMAIN and SANCTUM_STATEFUL_DOMAINS, it will try to apply CSRF validation instead of auth token