Auth.* cookie should not be set if the user isn't logged in

[sdboer78]

Version

module: 5.0.0-1667386184.dfbbb54
nuxt: 2.15.8

Nuxt-auth default behavior is to set an auth-strategy set-cookie header on each page-view. This results in page not being cached in caching systems.

Referring to:
#1029

Also CloudFlare has the default behavior to ignore caching when the application has a set-cookie in the response:
https://developers.cloudflare.com/cache/about/default-cache-behavior/#cloudflare-cache-responses:~:text=The%20Set%2DCookie%20header%20exists.
Its hard, or maybe even not possible to change this behavior.

So when using the nuxt-auth module no page will be cached in cache systems like CloudFlare, Varnish, Nginx-caching, Apache-caching, etc.

Nuxt-auth should not set any auth cookie when user is not logged in.

[cyppher]

+1

The set-cookie header has same impact as setting cache control headers to private, no-store, no-cache, or max-age=0. In effect Nuxt SSR now states cache should not be activated for this resource, even if it's a non protected page. Thus: bypassing the cache is a result of this header and should be resolved in this module imho.