403 Forbidden Error on Re-login (Nuxt 3 + VueFire) with session cookie on IIS #1619
Unanswered
SokolovskyiAnton
asked this question in
Questions and Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am experiencing an issue in my Nuxt 3 application that uses VueFire for Firebase authentication with session cookies. The problem occurs only in production when the app is deployed on IIS. The first login works fine and the __session cookie is correctly set. However, after a logout and then re-login using the same account, the POST request to /api/__session returns a 403 Forbidden error.
Context:
The application is built with Nuxt 3 and uses VueFire on the client side (no server middleware related to Firebase).
The session cookie (__session) is used for Firebase authentication.
The issue does not occur locally; it only manifests when deployed on IIS (Microsoft-IIS/10.0).
There is no specific configuration in the web.config that alters the behavior for the /api/__session route.
What I Have Checked:
The client-side login/logout flow functions correctly; the first login sets the cookie as expected.
The issue only occurs in the production environment on IIS.
No specific URL rewrite or request filtering rules have been configured in the web.config for /api/__session.
nuxt.config
vuefire: {
auth: {
enabled: true,
sessionCookie: true
},
config: {
apiKey: process.env.NUXT_FIREBASE_API_KEY,
authDomain: process.env.NUXT_FIREBASE_AUTH_DOMAIN,
databaseURL: process.env.NUXT_FIREBASE_DATABASE_URL,
projectId: process.env.NUXT_FIREBASE_PROJECT_ID,
storageBucket: process.env.NUXT_FIREBASE_STORAGE_BUCKET,
messagingSenderId: process.env.NUXT_FIREBASE_MESSAGING_SENDER_ID,
appId: process.env.NUXT_FIREBASE_APP_ID,
measurementId: process.env.NUXT_FIREBASE_MEASUREMENT_ID
}
},
Beta Was this translation helpful? Give feedback.
All reactions