@habityzer/nuxt-symfony-kinde-layer 2.4.0 → 2.4.2

package/CHANGELOG.md

@@ -1,3 +1,17 @@
+## [2.4.2](https://github.com/Habityzer/nuxt-symfony-kinde-layer/compare/v2.4.1...v2.4.2) (2026-03-19)
+
+
+### Bug Fixes
+
+* Remove unused @nuxt/image dependency ([631f4f6](https://github.com/Habityzer/nuxt-symfony-kinde-layer/commit/631f4f601e8dbb5753d06adc5471f7a54632a636))
+
+## [2.4.1](https://github.com/Habityzer/nuxt-symfony-kinde-layer/compare/v2.4.0...v2.4.1) (2026-03-17)
+
+
+### Bug Fixes
+
+* Improve logging in Symfony proxy and auth guard middleware ([4613f74](https://github.com/Habityzer/nuxt-symfony-kinde-layer/commit/4613f74fc9d9d6a4ed796675367176d46f1e0a7e))
+
 # [2.4.0](https://github.com/Habityzer/nuxt-symfony-kinde-layer/compare/v2.3.0...v2.4.0) (2026-03-16)
 
 

package/README.md

@@ -224,6 +224,22 @@ kindeAuth: {
 }
 ```
 
+### Disabling layer modules
+
+You can disable individual modules provided by the layer by setting them to `false` in your project's `nuxt.config.ts`. The layer is still used via `extends`; only the module is disabled. For example, if you do not use `@nuxt/image`:
+
+```typescript
+export default defineNuxtConfig({
+  extends: ['@habityzer/nuxt-symfony-kinde-layer'],
+  image: false,
+  // ...
+})
+```
+
+### Route groups (optional)
+
+As an alternative to listing only public routes, you can use Nuxt route groups (e.g. `(protected)/dashboard`) and check `to.meta.groups` in middleware. For example, put protected pages under `pages/(protected)/` and in a custom middleware use `if (to.meta.groups?.includes('protected') && !isAuthenticated()) return navigateTo('/login')`. The layer's auth guard uses `publicRoutes` / `protectedRoutes` by default; route groups are optional for projects that prefer convention-based protection.
+
 ## E2E Testing
 
 The layer supports E2E testing with app tokens:
@@ -353,6 +369,10 @@ Add these to your workflow:
 
 ## Troubleshooting
 
+### Error handling and Nuxt 5 readiness
+
+The layer uses Nuxt 4.4+ / Nuxt 5 style errors: `createError({ status, statusText })` instead of the deprecated `statusCode`/`statusMessage`. When handling errors from the proxy or auth composable, prefer reading `error.status` and `error.statusText`. The deprecated `statusCode` and `statusMessage` remain supported on `NuxtError` for backward compatibility during migration.
+
 ### Cookie Name Conflicts
 
 If you see authentication issues, ensure each project has a unique cookie prefix:

package/app/composables/useAuth.ts

@@ -90,8 +90,9 @@ export const useAuth = () => {
       userProfile.value = response
       return response
     } catch (error) {
-      // Silently handle auth errors on public pages
-      if (error && typeof error === 'object' && 'statusCode' in error && error.statusCode === 401) {
+      // Silently handle auth errors on public pages (support both status and statusCode for Nuxt 4.4+ / 5)
+      const err = error as { status?: number, statusCode?: number } | undefined
+      if (err && typeof err === 'object' && (err.status === 401 || err.statusCode === 401)) {
         console.debug('Auth check failed - user not logged in')
       } else {
         console.error('Failed to fetch user profile:', error)

package/app/plugins/auth-guard.client.ts

@@ -12,9 +12,10 @@ export default defineNuxtPlugin(() => {
   const e2eTokenCookieName = requireString(middlewareConfig.e2eTokenCookieName, 'kindeAuth.middleware.e2eTokenCookieName')
   const appTokenPrefix = requireString(middlewareConfig.appTokenPrefix, 'kindeAuth.middleware.appTokenPrefix')
   const clockSkewSeconds = requireNonNegativeNumber(middlewareConfig.clockSkewSeconds, 'kindeAuth.middleware.clockSkewSeconds')
-  const idToken = useCookie<string | null>(`${cookiePrefix}${idTokenBaseName}`)
-  const accessToken = useCookie<string | null>(`${cookiePrefix}${accessTokenBaseName}`)
-  const e2eToken = useCookie<string | null>(`${cookiePrefix}${e2eTokenCookieName}`)
+  const cookieOptions = { maxAge: 60 * 60 * 24 * 7, refresh: true }
+  const idToken = useCookie<string | null>(`${cookiePrefix}${idTokenBaseName}`, cookieOptions)
+  const accessToken = useCookie<string | null>(`${cookiePrefix}${accessTokenBaseName}`, cookieOptions)
+  const e2eToken = useCookie<string | null>(`${cookiePrefix}${e2eTokenCookieName}`, cookieOptions)
   const mode = middlewareConfig.mode || 'privateByDefault'
   const publicRoutes: string[] = middlewareConfig.publicRoutes || ['/']
   const protectedRoutes: string[] = middlewareConfig.protectedRoutes || []

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@habityzer/nuxt-symfony-kinde-layer",
-  "version": "2.4.0",
+  "version": "2.4.2",
   "description": "Shared Nuxt layer for Symfony + Kinde authentication integration",
   "type": "module",
   "main": "./nuxt.config.ts",
@@ -25,7 +25,6 @@
   "dependencies": {
     "@habityzer/nuxt-kinde-auth": "^1.2.2",
     "@nuxt/eslint": "^1.9.0",
-    "@nuxt/image": "^1.11.0",
     "@nuxt/ui": "^4.0.1",
     "@pinia/nuxt": "^0.11.2",
     "@vueuse/core": "^13.9.0",

package/server/api/symfony/[...].ts

@@ -47,7 +47,9 @@ export default defineEventHandler(async (event) => {
 
   // Skip authentication for public routes
   if (isPublicRoute) {
-    console.log('🔓 [SYMFONY PROXY] Public route, skipping auth:', path)
+    if (!process.env.E2E_TEST_MODE) {
+      console.log('[SYMFONY PROXY]', event.method, path, '(public)')
+    }
     // Set token to empty to skip auth headers
     token = ''
   } else {
@@ -65,8 +67,8 @@ export default defineEventHandler(async (event) => {
 
       if (!kinde?.client || !kinde?.sessionManager) {
         throw createError({
-          statusCode: 500,
-          statusMessage:
+          status: 500,
+          statusText:
             'Kinde authentication not initialized. Module may not be loaded correctly.'
         })
       }
@@ -97,15 +99,15 @@ export default defineEventHandler(async (event) => {
 
         if (!token || token.trim() === '') {
           throw createError({
-            statusCode: 401,
-            statusMessage: 'Unauthorized - Please log in'
+            status: 401,
+            statusText: 'Unauthorized - Please log in'
           })
         }
       } catch (error) {
         console.error('❌ [SYMFONY PROXY] Auth error:', error)
         throw createError({
-          statusCode: 401,
-          statusMessage:
+          status: 401,
+          statusText:
             error instanceof Error ? error.message : 'Authentication failed'
         })
       }
@@ -114,8 +116,8 @@ export default defineEventHandler(async (event) => {
 
   if (!token && !isPublicRoute) {
     throw createError({
-      statusCode: 401,
-      statusMessage: 'No authentication token available'
+      status: 401,
+      statusText: 'No authentication token available'
     })
   }
 
@@ -162,19 +164,10 @@ export default defineEventHandler(async (event) => {
       headers['Accept'] = accept
     }
 
-    // Log the request to backend
-    const backendUrl = `${config.apiBaseUrl}${path}`
-    console.log('🔵 [SYMFONY PROXY] Request to backend:', {
-      url: backendUrl,
-      method,
-      headers: {
-        ...headers,
-        Authorization: token && token !== '' ? `Bearer kinde_${token.substring(0, 10)}...` : 'none'
-      },
-      query,
-      hasBody: !!body,
-      isMultipart: contentType.includes('multipart/form-data')
-    })
+    // Log one short line per request (method + path only); skip in e2e to reduce output
+    if (!process.env.E2E_TEST_MODE) {
+      console.log('[SYMFONY PROXY]', method, path)
+    }
 
     // Forward request to Symfony with Kinde token
     const response = await $fetch(path, {
@@ -187,41 +180,30 @@ export default defineEventHandler(async (event) => {
       timeout: 30000 // 30 second timeout
     })
 
-    console.log('✅ [SYMFONY PROXY] Backend response received:', {
-      url: backendUrl,
-      method,
-      status: 'success'
-    })
-
     return response
   } catch (error) {
-    console.error('❌ [SYMFONY PROXY] Symfony API error:', {
-      path,
-      statusCode:
-        error && typeof error === 'object' && 'statusCode' in error
-          ? error.statusCode
-          : 'unknown',
-      message: error instanceof Error ? error.message : 'unknown'
-    })
-    // Handle Symfony API errors
-    const statusCode
-      = error && typeof error === 'object' && 'statusCode' in error
-        ? (error.statusCode as number)
+    const err = error as Record<string, unknown> | undefined
+    const status
+      = err && typeof err === 'object' && ('status' in err || 'statusCode' in err)
+        ? (err.status as number) ?? (err.statusCode as number)
         : 500
-    const statusMessage
-      = error && typeof error === 'object' && 'statusMessage' in error
-        ? (error.statusMessage as string)
+    const statusText
+      = err && typeof err === 'object' && ('statusText' in err || 'statusMessage' in err)
+        ? (err.statusText as string) ?? (err.statusMessage as string)
         : error instanceof Error
           ? error.message
           : 'Symfony API error'
+    console.error('❌ [SYMFONY PROXY] Symfony API error:', {
+      path,
+      status,
+      message: statusText
+    })
     const data
-      = error && typeof error === 'object' && 'data' in error
-        ? error.data
-        : undefined
+      = err && typeof err === 'object' && 'data' in err ? err.data : undefined
 
     throw createError({
-      statusCode,
-      statusMessage,
+      status,
+      statusText,
       data
     })
   }

package/server/middleware/auth-guard.ts

@@ -127,6 +127,10 @@ function logServer(event: string, details: Record<string, unknown>) {
   if (process.env.NODE_ENV === 'production') {
     return
   }
+  // Only log when explicitly enabled (reduces noise in e2e and dev)
+  if (!process.env.NUXT_AUTH_GUARD_DEBUG) {
+    return
+  }
 
   console.warn(`[AUTH GUARD SERVER] ${event}`, details)
 }