mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-04 21:04:37 +08:00
e2fbe2ca09
Cross-subdomain refresh cookies were not being deleted correctly because the domain option was not passed to deleteCookie/deleteCookieClient. This caused stale cookies to accumulate and auth state to persist across subdomains after sign-out. Also eagerly warms the trusted parent domain cache on app construction to avoid a race condition where navigation after sign-in could prevent the cross-subdomain cookie from being written. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Automatically recreates a missing cross-subdomain refresh cookie on app startup in browser sessions when applicable. * **Bug Fixes** * Cookie deletions now correctly scope removals to the encoded parent domain when applicable for both browser and server token-store flows. * **Performance** * Pre-warms a domain-resolution cache in browser token-store scenarios to reduce authentication latency. * **Tests** * Added end-to-end tests validating custom refresh-cookie name encoding/decoding, non-custom cookie handling, and eager cookie recreation. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|---|---|---|
| .. | ||
| scripts | ||
| src | ||
| .env | ||
| .eslintrc.cjs | ||
| .gitignore | ||
| components.json | ||
| LICENSE | ||
| next-env.d.ts | ||
| package-template.json | ||
| package.json | ||
| postcss.config.js | ||
| quetzal.config.json | ||
| README.md | ||
| tailwind.config.js | ||
| tsconfig.json | ||
| tsdown.config.ts | ||
| vitest.config.ts | ||
Stack Auth: Open-source Clerk/Auth0 alternative
📘 Docs | ☁️ Hosted Version | ✨ Demo | 🎮 Discord | GitHub
Stack Auth is a managed user authentication solution. It is developer-friendly and fully open-source (licensed under MIT and AGPL).
Stack Auth gets you started in just five minutes, after which you'll be ready to use all of its features as you grow your project. Our managed service is completely optional and you can export your user data and self-host, for free, at any time.
We support Next.js frontends, along with any backend that can use our REST API. Check out our setup guide to get started.
📦 Installation & Setup
- Run Stack Auth's installation wizard with the following command:
npx @stackframe/stack-cli@latest init - Then, create an account on the Stack Auth dashboard, create a new project with an API key, and copy its environment variables into the .env.local file of your Next.js project:
NEXT_PUBLIC_STACK_PROJECT_ID=<your-project-id> NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY=<your-publishable-client-key> STACK_SECRET_SERVER_KEY=<your-secret-server-key> - That's it! You can run your app with
npm run devand go to http://localhost:3000/handler/signup to see the sign-up page. You can also check out the account settings page at http://localhost:3000/handler/account-settings.
Check out the documentation for a more detailed guide.