Add cookie options

Bump axios version
Change default urls to example.com
Update documentation

README.md

@@ -54,7 +54,7 @@ export default defineNuxtConfig({
     '/whatever/**': {ssr: false}
   },
 
-  // using code response type (default)
+  // example 1: using code response type (default)
   oauth: {
     endpoints: {
       authorization: 'https://example.com/oauth/authorize',
@@ -66,7 +66,7 @@ export default defineNuxtConfig({
     scope: ['user:read']
   },
 
-  // using token response type (not recommended)
+  // example 2: using token response type (not recommended)
   oauth: {
     endpoints: {
       authorization: 'https://example.com/oauth/authorize',
@@ -86,6 +86,69 @@ This will be your callback url (host is determined by `window.location.origin`):
 
 That's it! You can now use @bitinflow/nuxt-oauth in your Nuxt app ✨
 
+## Module Options
+
+The module provides a set of customizable options to configure OAuth-based authentication for your application. Below is a detailed description of each option and its default values:
+
+### `redirect`
+
+This option defines the URLs for redirection during the authentication process.
+
+- `login` (`string`): The URL to redirect to when a user needs to log in. Default: `/login`.
+- `logout` (`string`): The URL to redirect to after logging out. Default: `/`.
+- `callback` (`string`): The URL to handle the OAuth callback. Default: `/login`.
+- `home` (`string`): The URL to redirect to after successful authentication. Default: `/`.
+
+### `endpoints`
+
+Configures the OAuth server endpoints for authorization, token exchange, and user information retrieval.
+
+- `authorization` (`string`): The OAuth authorization endpoint. Default: `https://example.com/oauth/authorize`.
+- `token` (`string`): The OAuth token endpoint. Default: `https://example.com/oauth/token`.
+- `userInfo` (`string`): The endpoint to retrieve user information. Default: `https://example.com/api/users/me`.
+- `logout` (`string | null`): The endpoint for logging out from the OAuth provider. Default: `null`.
+
+### `refreshToken`
+
+Manages the refresh token settings.
+
+- `maxAge` (`number`): The maximum age (in seconds) for storing the refresh token in cookies. Default: `60 * 60 * 24 * 30` (30 days).
+
+### `cookies`
+
+Configures cookie settings for storing OAuth tokens and related data.
+
+- `prefix` (`string`): A prefix for all cookie names. Default: none.
+- `names`: Specific names for different OAuth-related cookies.
+  - `oauth_user`: The cookie name for storing the OAuth user. Default: `oauth_user`.
+  - `oauth_state`: The cookie name for storing the OAuth state. Default: `oauth_state`.
+  - `oauth_code_verifier`: The cookie name for storing the OAuth code verifier. Default: `oauth_code_verifier`.
+  - `oauth_access_token`: The cookie name for storing the access token. Default: `oauth_access_token`.
+  - `oauth_refresh_token`: The cookie name for storing the refresh token. Default: `oauth_refresh_token`.
+- `options`: Additional settings for cookie behavior.
+  - `path` (`string`): The cookie path. Default: none.
+  - `maxAge` (`number`): The cookie's maximum age (in seconds). Default: none.
+  - `secure` (`boolean`): Whether the cookie should only be sent over HTTPS. Default: none.
+  - `sameSite` (`string`): Sets the `SameSite` cookie attribute (`lax`, `strict`, or `none`). Default: none.
+  - `domain` (`string`): Specifies the cookie's domain. Default: none.
+  - `httpOnly` (`boolean`): Indicates if the cookie is inaccessible to JavaScript. Default: none.
+
+### `clientId`
+
+- (`string`): The client ID used for OAuth authentication. Default: `please-set-client-id`.
+
+### `responseType`
+
+- (`'token' | 'code'`): The type of OAuth response, either token-based or code-based flow. Default: `code`.
+
+### `prompt`
+
+- (`'' | 'none' | 'login' | 'consent'`): The prompt parameter to control the OAuth flow. Default: `''`.
+
+### `scope`
+
+- (`string[]`): The OAuth scopes requested during authentication. Default: `[]` (empty array).
+
 ## Development
 
 ```bash