improve docs more

sidebase · Oct 11, 2023 · 5cde964 · 5cde964
1 parent 6afaa1c
commit 5cde964
Showing 1 changed file with 39 additions and 1 deletion.
diff --git a/docs/content/v0.6/3.application-side/4.protecting-pages.md b/docs/content/v0.6/3.application-side/4.protecting-pages.md
@@ -11,13 +11,51 @@ Briefly summarized, you can enable global protection (1) in your `nuxt.config.ts
 export default defineNuxtConfig({
    modules: ['@sidebase/nuxt-auth'],
    auth: {
-    globalAppMiddleware: true
+    globalAppMiddleware: true // Boolean or GlobalMiddlewareOptions
    }
 })
 ```
 
 Now *all pages* will require sign-in. Learn how to add excepted pages [below](/nuxt-auth/v0.6/application-side/protecting-pages#disabling-the-global-middleware-locally)
 
+You can also set an object as the `globalAppMiddleware` in which you can futhur customize the behaviour of the global protection. 
+
+```ts
+/**
+ * Configuration for the global application-side authentication-middleware.
+ */
+interface GlobalMiddlewareOptions {
+  /**
+   * Whether to add a global authentication middleware that protects all pages.
+   *
+   * @example true
+   * @default false
+   */
+  isEnabled: boolean
+  /**
+   * Whether to enforce authentication if the target-route does not exist. Per default the middleware redirects
+   * to Nuxts' default 404 page instead of forcing a sign-in if the target does not exist. This is to avoid a
+   * user-experience and developer-experience of having to sign-in only to see a 404 page afterwards.
+   *
+   * Note: Setting this to `false` this may lead to `vue-router` + node related warnings like: "Error [ERR_HTTP_HEADERS_SENT] ...",
+   * this may be related to https://github.com/nuxt/framework/issues/9438.
+   *
+   * @example false
+   * @default true
+   */
+  allow404WithoutAuth?: boolean
+  /**
+   * Whether to automatically set the callback url to the page the user tried to visit when the middleware stopped them. This is useful to disable this when using the credentials provider, as it does not allow a `callbackUrl`. Setting this
+   * to a string-value will result in that being used as the callbackUrl path. Note: You also need to set the global `addDefaultCallbackUrl` setting to `false` if you want to fully disable this.
+   *
+   * @example false
+   * @example /i-caught-you-but-now-you-are-signed-in
+   * @default true
+   */
+  addDefaultCallbackUrl?: boolean | string
+}
+```
+
 To enable page-local protection (2), add the following `definePageMeta` directive to a page:
 ```vue
 <!-- file: ~/pages/protected.vue -->