Vue Auth / Changes / 2.x


  • Add optional key prameter for $auth.check(data, key).
  • Add localhost check for cookies (IE Fix).
  • Add frisbee driver.
  • Fix bug with object compare for roles vars.
  • Allow params attribute for oauth 2 url parameters (with full backwards compatibility).
  • Fix proper promise return for Axios driver.


  • Updated / consolidated documentation.
  • Restore auto refresh interval.
  • Add support for promises.


  • Update to handle failed token redirects internally (rather than requiring additional interceptors).


  • Fix compile issue when using function shorthand.
  • Update 2.x demo to include 401 redirect.
  • Add ability to set response_type for oauth2.
  • Add ability to set callback function using $auth.ready(callback).
  • Restore enable/disable other as disableImpersonate and enableImpersonate.


  • Change "other" to "impersonate" keyword (and all accompanying functions).
  • Add ignoreVueAuth field that can be set on requests to prevent setting headers or tokens on requests.
  • Add impersonating field that can be set to false to run that request with "default" token (not impersonating).


  • Removed _invalidToken check on http drivers. The method still exists but is empty.
  • Token names can be fully set, no behind the scenes pre-pending.
  • Fixed running demos
  • Updated docs.


  • Update so that tokens can be fully named in options. Without additional appended parameters.
  • Add tokenStore array for setting storage preferences (['localStorage', 'cookie']).
  • Fix removing rememberMe cookie on logout.
  • Fix register redirect to completely ignore login redirect.


  • Update demos to standalone installs.
  • Separate docs.
  • Add Vue.auth object (with no context, for use in interceptors).


  • Fix to check if error contains response in Axios driver.
  • Fix for redirect being ignored when using autoLogin on register.
  • Add ability to manually set tokens (for static/dynamic pages).


  • Fix invalidToken logout call for Axios driver (to match vue-resource driver update).


  • Fix Axios driver error response intercept.
  • Update so support fall back for token to be stored in cookie if localStorage is not supported. Note that the cookie is used as a dud and not meant to be used by server or back-end as part of authentication scheme.
  • Update token name to underscores auth_token instead of auth-token.
  • Fix issue with invalid token on refresh not firing off _invalidToken token call.


  • Update devise auth to support latest (backward compatible).
  • Fix issues with refresh not authenticating when globally setting fetchData.enabled to false.


  • Fix using loginData.fetchUser to still authenticate without user.
  • Fix refresh / user fetch on app reload (browser refresh). It will now run sequentially in case the token is expired forcing a refresh first.
  • Add refresh refreshData.interval property for automatic refresh fetches. Default to 30s. Set to 0 for none.


  • Fix for loginData.fetchUser when set to false.
  • Removed transition method, replaced with redirect.
  • Added redirect method for easy access to check for redirects from auth.


  • Added axios driver.
  • Addded parseOauthState option.


  • Add check for missing token when authenticated (should auto logout).
  • Add enabled option for fetchData useful in case we need a preset before auth. For instance when fetching properties from server.


  • Update default Webpack setup to use Vue 2.x.


  • Add transition tracking (useful for url redirects on login).


  • Fix for checking that a user is authenticated when checking invalid token function (401).
  • Fix for 401 auth auto redirect when invalid token.
  • An option for refreshData.enabled has been added to disable refresh.
  • Updated docs.
  • Updated 2.x demo to use latest Vue version.


Vue has been in such a volatile state, especially between versions and 1 and 2. There have been many breaking changes as well as removing vue-resource as the officially recommended package for Vue.

Because of all these changes and potential breaking changes the package has been changed to a much more driver centric model for "router", "resource" and "authentication" . Due to the nature of Vue and the current eco-system with Webpack, to avoid bloat this means the drivers will need to be passed in manually. Check the install section for more info.

We will see some ugly require code when including the plugin. But as a trade off it will reduce bloat and allow the plugin to much better support different versions of Vue as well as different "router", "resource" and "authentication" modules.

To ease confusion for this driver centric model the plugin has been bumped to a 2.x version. This will also keep it in line with the current Vue 2.x version.

  • Stability for extend functionality.
  • Driver centric model for "router", "resource" and "authentication".
  • The options for router, http and auth must be set now and will not auto bind (this is because webpack would pre load all drivers with dynamic variable).
  • Added loginData.fetchUser option to allow disabling of user fetch on login (which will also be disabled on refreshes).
  • Make "authorization" header case insensitive for bearer and basic auth.
  • Bearer auth "bearer" text is now case insensitive and will accept with and without colon after "bearer" text.