create-nuxt-base 1.1.2 → 1.2.0

package/.github/workflows/publish.yml

@@ -9,7 +9,7 @@ env:
   SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
 
 permissions:
-  id-token: write  # Required for OIDC
+  id-token: write # Required for OIDC
   contents: read
 
 jobs:

package/AUTH.md

@@ -7,12 +7,12 @@ This document describes the Better Auth integration in the nuxt-base-starter tem
 The template uses [Better Auth](https://www.better-auth.com/) for authentication with the following features:
 
 | Feature               | Status | Description                            |
-|-----------------------|--------|----------------------------------------|
-| Email & Password      | ✅      | Standard email/password authentication |
-| Two-Factor Auth (2FA) | ✅      | TOTP-based 2FA with backup codes       |
-| Passkey (WebAuthn)    | ✅      | Passwordless authentication            |
-| Session Management    | ✅      | Cookie-based sessions with SSR support |
-| Password Hashing      | ✅      | Client-side SHA256 hashing             |
+| --------------------- | ------ | -------------------------------------- |
+| Email & Password      | ✅     | Standard email/password authentication |
+| Two-Factor Auth (2FA) | ✅     | TOTP-based 2FA with backup codes       |
+| Passkey (WebAuthn)    | ✅     | Passwordless authentication            |
+| Session Management    | ✅     | Cookie-based sessions with SSR support |
+| Password Hashing      | ✅     | Client-side SHA256 hashing             |
 
 ## Architecture
 
@@ -44,7 +44,7 @@ The template uses [Better Auth](https://www.better-auth.com/) for authentication
 ## Files
 
 | File                                 | Purpose                          |
-|--------------------------------------|----------------------------------|
+| ------------------------------------ | -------------------------------- |
 | `app/lib/auth-client.ts`             | Better Auth client configuration |
 | `app/composables/use-better-auth.ts` | Auth state management composable |
 | `app/pages/auth/login.vue`           | Login page                       |
@@ -153,8 +153,8 @@ import { createBetterAuthClient } from '~/lib/auth-client';
 // Create a custom client
 const customClient = createBetterAuthClient({
   baseURL: 'https://api.example.com',
-  basePath: '/auth',  // Default: '/iam'
-  twoFactorRedirectPath: '/login/2fa',  // Default: '/auth/2fa'
+  basePath: '/auth', // Default: '/iam'
+  twoFactorRedirectPath: '/login/2fa', // Default: '/auth/2fa'
   enableAdmin: false,
   enableTwoFactor: true,
   enablePasskey: true,
@@ -174,6 +174,7 @@ const hashedPassword = await sha256(plainPassword);
 ```
 
 **Why client-side hashing?**
+
 1. Prevents plain text passwords in network logs
 2. Works with nest-server's `normalizePasswordForIam()` which detects SHA256 hashes
 3. Server re-hashes with bcrypt for storage
@@ -183,7 +184,7 @@ const hashedPassword = await sha256(plainPassword);
 Sessions are stored in cookies for SSR compatibility:
 
 | Cookie                      | Purpose                    |
-|-----------------------------|----------------------------|
+| --------------------------- | -------------------------- |
 | `auth-state`                | User data (SSR-compatible) |
 | `token`                     | Session token              |
 | `better-auth.session_token` | Better Auth native cookie  |
@@ -200,6 +201,7 @@ fetchOptions: {
 ```
 
 **Backend CORS Configuration:**
+
 ```typescript
 // In nest-server config
 cors: {
@@ -215,7 +217,7 @@ The following endpoints are provided by the nest-server backend:
 ### Authentication
 
 | Endpoint             | Method | Description                 |
-|----------------------|--------|-----------------------------|
+| -------------------- | ------ | --------------------------- |
 | `/iam/sign-in/email` | POST   | Email/password sign in      |
 | `/iam/sign-up/email` | POST   | Email/password registration |
 | `/iam/sign-out`      | POST   | Sign out                    |
@@ -224,7 +226,7 @@ The following endpoints are provided by the nest-server backend:
 ### Passkey (WebAuthn)
 
 | Endpoint                                     | Method | Description              |
-|----------------------------------------------|--------|--------------------------|
+| -------------------------------------------- | ------ | ------------------------ |
 | `/iam/passkey/generate-register-options`     | GET    | Get registration options |
 | `/iam/passkey/verify-registration`           | POST   | Verify registration      |
 | `/iam/passkey/generate-authenticate-options` | GET    | Get auth options         |
@@ -235,7 +237,7 @@ The following endpoints are provided by the nest-server backend:
 ### Two-Factor Authentication
 
 | Endpoint                             | Method | Description        |
-|--------------------------------------|--------|--------------------|
+| ------------------------------------ | ------ | ------------------ |
 | `/iam/two-factor/enable`             | POST   | Enable 2FA         |
 | `/iam/two-factor/disable`            | POST   | Disable 2FA        |
 | `/iam/two-factor/verify-totp`        | POST   | Verify TOTP code   |
@@ -267,7 +269,7 @@ The passkey response only contains the session, not the user. Call `validateSess
 
 ```typescript
 if (result.data?.session) {
-  await validateSession();  // Fetches user data
+  await validateSession(); // Fetches user data
 }
 ```
 

package/CHANGELOG.md

@@ -2,29 +2,33 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [1.2.0](https://github.com/lenneTech/nuxt-base-starter/compare/v1.1.2...v1.2.0) (2026-01-22)
+
+
+### Features
+
+* **auth:** add Cookie/JWT dual-mode authentication with automatic fallback ([8005425](https://github.com/lenneTech/nuxt-base-starter/commit/800542585dc22c1710f8bf587ee8371458454c79))
+
 ### [1.1.2](https://github.com/lenneTech/nuxt-base-starter/compare/v1.1.1...v1.1.2) (2026-01-22)
 
 ### [1.1.1](https://github.com/lenneTech/nuxt-base-starter/compare/v1.1.0...v1.1.1) (2026-01-20)
 
-
 ### Bug Fixes
 
-* **auth:** auto-login after registration and improved passkey handling ([625128b](https://github.com/lenneTech/nuxt-base-starter/commit/625128b18fe812c141859946c196f8efb0738dca))
-* **auth:** improve 2FA UX and document dev-mode proxy requirements ([4c4b1f4](https://github.com/lenneTech/nuxt-base-starter/commit/4c4b1f4d8b77fa93469ccc1a31d4f3292cc7c724))
+- **auth:** auto-login after registration and improved passkey handling ([625128b](https://github.com/lenneTech/nuxt-base-starter/commit/625128b18fe812c141859946c196f8efb0738dca))
+- **auth:** improve 2FA UX and document dev-mode proxy requirements ([4c4b1f4](https://github.com/lenneTech/nuxt-base-starter/commit/4c4b1f4d8b77fa93469ccc1a31d4f3292cc7c724))
 
 ## [1.1.0](https://github.com/lenneTech/nuxt-base-starter/compare/v1.0.3...v1.1.0) (2026-01-20)
 
-
 ### Features
 
-* add complete Better-Auth integration with Passkey support and comprehensive documentation ([e0d470c](https://github.com/lenneTech/nuxt-base-starter/commit/e0d470c8229c37bed2948d929676620f344f4878))
+- add complete Better-Auth integration with Passkey support and comprehensive documentation ([e0d470c](https://github.com/lenneTech/nuxt-base-starter/commit/e0d470c8229c37bed2948d929676620f344f4878))
 
 ## [1.2.0](https://github.com/lenneTech/nuxt-base-starter/compare/v1.0.3...v1.2.0) (2026-01-20)
 
-
 ### Features
 
-* add complete Better-Auth integration with Passkey support and comprehensive documentation ([70fbec1](https://github.com/lenneTech/nuxt-base-starter/commit/70fbec14e38673c5185195fe05f0cd82bf72a800))
+- add complete Better-Auth integration with Passkey support and comprehensive documentation ([70fbec1](https://github.com/lenneTech/nuxt-base-starter/commit/70fbec14e38673c5185195fe05f0cd82bf72a800))
 
 ## [1.1.0](https://github.com/lenneTech/nuxt-base-starter/compare/v1.0.3...v1.1.0) (2026-01-20)
 
@@ -32,19 +36,17 @@ All notable changes to this project will be documented in this file. See [standa
 
 ### [1.0.2](https://github.com/lenneTech/nuxt-base-starter/compare/v1.0.1...v1.0.2) (2026-01-12)
 
-
 ### Bug Fixes
 
-* add repository field in package.json ([1f43eae](https://github.com/lenneTech/nuxt-base-starter/commit/1f43eae4445b2f8a54cf4442c79be1bd55cf711c))
+- add repository field in package.json ([1f43eae](https://github.com/lenneTech/nuxt-base-starter/commit/1f43eae4445b2f8a54cf4442c79be1bd55cf711c))
 
 ### [1.0.1](https://github.com/lenneTech/nuxt-base-starter/compare/v1.0.0...v1.0.1) (2026-01-12)
 
 ## [1.0.0](https://github.com/lenneTech/nuxt-base-starter/compare/v0.3.17...v1.0.0) (2026-01-12)
 
-
 ### Bug Fixes
 
-* **DEV-609:** removed duplicate public folder inside app ([#10](https://github.com/lenneTech/nuxt-base-starter/issues/10)) ([25fe0fe](https://github.com/lenneTech/nuxt-base-starter/commit/25fe0fe3c53bc3400373d9c3f0a4b6705952171b))
+- **DEV-609:** removed duplicate public folder inside app ([#10](https://github.com/lenneTech/nuxt-base-starter/issues/10)) ([25fe0fe](https://github.com/lenneTech/nuxt-base-starter/commit/25fe0fe3c53bc3400373d9c3f0a4b6705952171b))
 
 ### [0.3.17](https://github.com/lenneTech/nuxt-base-starter/compare/v0.3.16...v0.3.17) (2025-10-17)
 

package/README.md

@@ -17,7 +17,7 @@ The development server starts at **http://localhost:3001**
 ### Core Framework
 
 | Technology   | Version | Description                           |
-|--------------|---------|---------------------------------------|
+| ------------ | ------- | ------------------------------------- |
 | Nuxt         | 4.x     | Vue 3 meta-framework with SSR support |
 | TypeScript   | 5.9.x   | Strict type checking enabled          |
 | Tailwind CSS | 4.x     | Utility-first CSS with Vite plugin    |
@@ -28,7 +28,7 @@ The development server starts at **http://localhost:3001**
 Complete authentication system using [Better Auth](https://www.better-auth.com/):
 
 | Feature            | Description                                           |
-|--------------------|-------------------------------------------------------|
+| ------------------ | ----------------------------------------------------- |
 | Email/Password     | Standard auth with client-side SHA256 hashing         |
 | Two-Factor (2FA)   | TOTP-based 2FA with backup codes                      |
 | Passkey/WebAuthn   | Passwordless authentication (Touch ID, Face ID, etc.) |
@@ -42,7 +42,7 @@ Pre-built auth pages: login, register, forgot-password, reset-password, 2fa
 ### State & Data
 
 | Package               | Purpose                     |
-|-----------------------|-----------------------------|
+| --------------------- | --------------------------- |
 | Pinia                 | State management            |
 | VueUse                | Vue composition utilities   |
 | @hey-api/client-fetch | Type-safe API client        |
@@ -57,7 +57,7 @@ Pre-built auth pages: login, register, forgot-password, reset-password, 2fa
 ### Developer Experience
 
 | Tool               | Purpose                            |
-|--------------------|------------------------------------|
+| ------------------ | ---------------------------------- |
 | OxLint             | Fast linting                       |
 | OxFmt              | Code formatting                    |
 | Playwright         | E2E testing                        |
@@ -104,7 +104,7 @@ my-project/
 ## Available Scripts
 
 | Script                   | Description                            |
-|--------------------------|----------------------------------------|
+| ------------------------ | -------------------------------------- |
 | `npm run dev`            | Start development server               |
 | `npm run build`          | Build for production                   |
 | `npm run preview`        | Preview production build               |

package/nuxt-base-template/README.md

@@ -91,17 +91,17 @@ npm run generate-types
 
 ## Tech Stack
 
-| Technology | Version | Description |
-|------------|---------|-------------|
-| Nuxt | 4.2.x | Vue 3 meta-framework with SSR |
-| TypeScript | 5.9.x | Strict type checking |
-| Tailwind CSS | 4.1.x | Utility-first CSS (Vite plugin) |
-| NuxtUI | 4.3.x | Component library with dark mode |
-| Pinia | 0.11.x | State management |
-| Better Auth | 1.4.x | Authentication framework |
-| Playwright | 1.57.x | E2E testing |
-| @hey-api/client-fetch | 0.13.x | Type-safe API client |
-| Valibot | 1.2.x | Schema validation |
+| Technology            | Version | Description                      |
+| --------------------- | ------- | -------------------------------- |
+| Nuxt                  | 4.2.x   | Vue 3 meta-framework with SSR    |
+| TypeScript            | 5.9.x   | Strict type checking             |
+| Tailwind CSS          | 4.1.x   | Utility-first CSS (Vite plugin)  |
+| NuxtUI                | 4.3.x   | Component library with dark mode |
+| Pinia                 | 0.11.x  | State management                 |
+| Better Auth           | 1.4.x   | Authentication framework         |
+| Playwright            | 1.57.x  | E2E testing                      |
+| @hey-api/client-fetch | 0.13.x  | Type-safe API client             |
+| Valibot               | 1.2.x   | Schema validation                |
 
 ## Key Features