Strange behavior with authStore when working with two pocketbase projects

Question

Strange behavior with authStore when working with two pocketbase projects

ad-on-is opened this issue 7 months ago · 1 comments

ad-on-is commented 7 months ago

It seems as if the authStore uses the same auth/cookie/whatever across different projects.

Steps to reproduce

Create project "A"
Create project "B"
Run project "A" and log in using await usePb().collection("users").authWithPassword("user", "password");
Quit project "A"
Run project "B"
console.log(usePb().authStore.model?.id) returns the id of the user from Project "A"

Is there any setting I'm missing to prevent this?

Answer 1 · 2024-04-27T10:33:06.000Z

By default the JS SDK stores uses localStorage and if your both applications operates on the same domain then it is expected to share the same auth state because the localStorage key would be the same.

You can specify a custom unique key by manually initializing the LocalAuthStore:

import PocketBase, { LocalAuthStore } from "pocketbase"

const pb = new PocketBase("http://127.0.0.1:8090", new LocalAuthStore("your_unique_app_key"))

For more details about the auth store you could check https://github.com/pocketbase/js-sdk#auth-store.