@fusionauth/vue-sdk
Advanced tools
FusionAuth solves the problem of building essential security without adding risk or distracting from your primary application
An SDK for using FusionAuth in Vue applications.
This SDK provides helpful methods and reactive values that integrate with FusionAuth to help automatically manage authentication state in your Vue app.
Your users will be sent to FusionAuth’s themeable hosted login pages and then log in. After that, they are sent back to your Vue application.
Once authentication succeeds, the following secure, HTTP-only cookies will be set:
app.at - an OAuth Access
Token
app.rt - a Refresh
Token
used to obtain a new app.at. This cookie will only be set if
refresh tokens are enabled on your FusionAuth instance.
The access token can be presented to APIs to authorize the request and the refresh token can be used to get a new access token.
There are 2 ways to interact with this SDK:
If you are hosting your own server, see server code requirements.
You can use this library against any version of FusionAuth or any OIDC compliant identity server.
NPM:
npm install @fusionauth/vue-sdk
Yarn:
yarn add @fusionauth/vue-sdk
Configure and initialize the FusionAuthVuePlugin when you create your Vue app:
import { createApp } from 'vue';
import FusionAuthVuePlugin, { type FusionAuthConfig } from '@fusionauth/vue-sdk';
const config: FusionAuthConfig = {
clientId: "", // Your app's FusionAuth client id
serverUrl: "", // The url of the server that performs the token exchange
redirectUri: "", // The URI that the user is directed to after the login/register/logout action
shouldAutoFetchUserInfo: true, // Automatically fetch userInfo when logged in. Defaults to false.
shouldAutoRefresh: true, // Enables automatic token refresh. Defaults to false.
onRedirect: (state?: string) => { }, // Optional callback invoked upon redirect back from login or register.
}
const app = createApp(App);
app.use(FusionAuthVuePlugin, config);
app.mount('#app')
If you want to use the pre-styled buttons, don't forget to import the css file:
import '@fusionauth/vue-sdk/dist/style.css';
If you're using the SDK in a nuxt app, pass the useCookie composable into the config object in your plugin definition.
import { useCookie } from "#app";
export default defineNuxtPlugin((nuxtApp) => {
nuxtApp.vueApp.use(FusionAuthVuePlugin, {
...config
nuxtUseCookie: useCookie,
});
});
Using createFusionAuth, the SDK can be configured more flexibly.
export default defineNuxtPlugin({
setup(nuxtApp) {
const fusionauth = createFusionAuth(config);
nuxtApp.vueApp.use(FusionAuthVuePlugin, { instance: fusionauth })
return {
provide: { fusionauth }
};
},
})
useFusionAuth composableYou can interact with the SDK by using the useFusionAuth, which leverages Vue's Composition API.
View the full API documentation
<script setup lang="ts">
import { computed } from 'vue';
import { useFusionAuth } from "@fusionauth/vue-sdk";
const {
isLoggedIn,
userInfo,
isFetchingUserInfo,
login,
register,
logout
} = useFusionAuth();
const welcomeMessage = computed(() => {
const name = userInfo.value?.given_name
return name
? 'Welcome!'
: `Welcome ${userInfo.value.given_name}!`;
});
</script>
<template>
<p>{{ welcomeMessage }}</p>
<div v-if="isLoggedIn">
<p v-if="isFetchingUserInfo">
Loading...
</p>
<button @click="logout()">Logout</button>
</div>
<div v-if="!isLoggedIn">
<button @click="login()">Login</button>
<p>or</p>
<button @click="register()">Register</button>
</div>
</template>
The login and register functions accept an optional string parameter: state, which will be passed back to the optional onRedirect callback specified on your FusionAuthConfig. Though you may pass any value you would like for the state parameter, it is often used to indicate which page the user was on before redirecting to login or registration, so that the user can be returned to that location after a successful authentication.
The RequireAuth and RequireAnonymous can be used to restrict content based on authentication and authorization.
<template>
<RequireAuth :with-role="['ADMIN', 'SUPER-ADMIN']">
<!-- only displays for users with specifed role -->
<button>Delete user</button>
</RequireAuth>
</template>
<template>
<RequireAnonymous>
<!-- content for unauthenticated users -->
</RequireAnonymous>
</template>
There are three pre-styled buttons that are configured to perform login/logout/registration. They can be placed anywhere in your app as is.
<template>
<FusionAuthLoginButton />
<FusionAuthLogoutButton />
<FusionAuthRegisterButton />
</template>
<style>
:root {
--fusionauth-button-background-color: #096324;
--fusionauth-button-text-color: #fff;
}
</style>
With the CSS variables, you can customize the buttons to match your app’s style.
See the FusionAuth Vue Quickstart for a full tutorial on using FusionAuth and Vue.
These docs are generated with typedoc and configured with typedoc-plugin-markdown.
Use backticks for code in this readme. This readme is included on the FusionAuth website, and backticks show the code in the best light there.
Using shouldAutoRefresh with Nuxt may cause the first refresh attempt to fail with 403, if your plugin instance is instantiated on the server. This is likely because the FusionAuth authorization token is httpOnly and not present in the request sent by the server. Subsequent refresh requests queued up by SDK auto-refreshing should succeed.
You may prefer to invoke initAutoRefresh from the app:beforeMount hook, which runs client-side only.
defineNuxtPlugin({
setup: (nuxtApp) => {
const fusionauth = createFusionAuth({
...config,
shouldAutoRefresh: false, // is false by default
});
nuxtApp.vueApp.use(FusionAuthVuePlugin, { instance: fusionauth })
return {
provide: { fusionauth }
};
},
hooks: {
"app:beforeMount"() {
const { $fusionauth } = useNuxtApp();
$fusionauth.initAutoRefresh();
},
}
})
This package is released via GitHub actions.
This library may periodically receive updates with bug fixes, security patches, tests, code samples, or documentation changes.
These releases may also update dependencies, language engines, and operating systems, as we'll follow the deprecation and sunsetting policies of the underlying technologies that the libraries use.
This means that after a dependency (e.g. language, framework, or operating system) is deprecated by its maintainer, this library will also be deprecated by us, and may eventually be updated to use a newer version.
FAQs
FusionAuth solves the problem of building essential security without adding risk or distracting from your primary application
The npm package @fusionauth/vue-sdk receives a total of 262 weekly downloads. As such, @fusionauth/vue-sdk popularity was classified as not popular.
We found that @fusionauth/vue-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Bybit's $1.46B hack by North Korea's Lazarus Group pushes 2025 crypto losses to $1.6B in just two months, already surpassing all of 2024's $1.49B total.
Security News
OpenSSF has published OSPS Baseline, an initiative designed to establish a minimum set of security-related best practices for open source software projects.
Security News
Michigan TypeScript founder Dimitri Mitropoulos implements WebAssembly runtime in TypeScript types, enabling Doom to run after processing 177 terabytes of type definitions.