From 5cde96419a8da39080f884898d0a712e2887af91 Mon Sep 17 00:00:00 2001
From: Zoey Kaiser <zoeykaiser8@gmail.com>
Date: Wed, 11 Oct 2023 12:05:51 +0200
Subject: [PATCH] improve docs more

---
 .../3.application-side/4.protecting-pages.md  | 40 ++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/docs/content/v0.6/3.application-side/4.protecting-pages.md b/docs/content/v0.6/3.application-side/4.protecting-pages.md
index 507469c5..dd75c1db 100644
--- a/docs/content/v0.6/3.application-side/4.protecting-pages.md
+++ b/docs/content/v0.6/3.application-side/4.protecting-pages.md
@@ -11,13 +11,51 @@ Briefly summarized, you can enable global protection (1) in your `nuxt.config.ts
 export default defineNuxtConfig({
    modules: ['@sidebase/nuxt-auth'],
    auth: {
-    globalAppMiddleware: true
+    globalAppMiddleware: true // Boolean or GlobalMiddlewareOptions
    }
 })
 ```
 
 Now *all pages* will require sign-in. Learn how to add excepted pages [below](/nuxt-auth/v0.6/application-side/protecting-pages#disabling-the-global-middleware-locally)
 
+You can also set an object as the `globalAppMiddleware` in which you can futhur customize the behaviour of the global protection. 
+
+```ts
+/**
+ * Configuration for the global application-side authentication-middleware.
+ */
+interface GlobalMiddlewareOptions {
+  /**
+   * Whether to add a global authentication middleware that protects all pages.
+   *
+   * @example true
+   * @default false
+   */
+  isEnabled: boolean
+  /**
+   * Whether to enforce authentication if the target-route does not exist. Per default the middleware redirects
+   * to Nuxts' default 404 page instead of forcing a sign-in if the target does not exist. This is to avoid a
+   * user-experience and developer-experience of having to sign-in only to see a 404 page afterwards.
+   *
+   * Note: Setting this to `false` this may lead to `vue-router` + node related warnings like: "Error [ERR_HTTP_HEADERS_SENT] ...",
+   * this may be related to https://github.com/nuxt/framework/issues/9438.
+   *
+   * @example false
+   * @default true
+   */
+  allow404WithoutAuth?: boolean
+  /**
+   * Whether to automatically set the callback url to the page the user tried to visit when the middleware stopped them. This is useful to disable this when using the credentials provider, as it does not allow a `callbackUrl`. Setting this
+   * to a string-value will result in that being used as the callbackUrl path. Note: You also need to set the global `addDefaultCallbackUrl` setting to `false` if you want to fully disable this.
+   *
+   * @example false
+   * @example /i-caught-you-but-now-you-are-signed-in
+   * @default true
+   */
+  addDefaultCallbackUrl?: boolean | string
+}
+```
+
 To enable page-local protection (2), add the following `definePageMeta` directive to a page:
 ```vue
 <!-- file: ~/pages/protected.vue -->