name: nuxt-users description: Configure and use the nuxt-users module for Nuxt 3 and Nuxt 4. Use when adding authentication, user management, roles, password reset, database setup (SQLite/MySQL/PostgreSQL), or CLI commands (migrate, create-user). Covers nuxt.config (nuxtUsers), composables (useAuthentication, useUsers, usePublicPaths, usePasswordValidation, useNuxtUsersLocale), components (NUsersLoginForm, NUsersLogoutLink, etc.), and authorization (whitelist, permissions). license: MIT metadata: author: rrd108 version: "1.0"
Nuxt Users skill
This skill helps you work with the nuxt-users module: user authentication, authorization, database setup, and CLI for Nuxt 3 and Nuxt 4 apps.
When to use this skill
- User asks to add login, register, or logout to a Nuxt app
- User needs to set up or change the database (SQLite, MySQL, PostgreSQL) for nuxt-users
- User wants to run CLI commands:
npx nuxt-users migrate,npx nuxt-users create-user - User needs to configure permissions, roles, or public routes (whitelist)
- User is customizing password validation, session duration, or mailer (password reset)
- User is using composables like
useAuthentication,useUsers,usePublicPaths, orusePasswordValidation - User is styling or integrating components like
NUsersLoginForm,NUsersLogoutLink,NUsersProfileInfo,NUsersResetPasswordForm,NUsersList,NUsersUserForm
Step-by-step: initial setup
-
Install the module and peer dependencies
npm install nuxt-users npm install db0 better-sqlite3 bcrypt nodemailerFor MySQL or PostgreSQL, install the corresponding driver (
mysql2orpg) instead of or in addition tobetter-sqlite3as required. -
Register the module in
nuxt.config.tsexport default defineNuxtConfig({ modules: ['nuxt-users'] }) -
Run migrations From the project root (where
nuxt.config.tslives):npx nuxt-users migrate -
Create at least one user
npx nuxt-users create-user -e admin@example.com -n "Admin User" -p password123 -r adminFlags:
-eemail,-nname,-ppassword,-rrole (optional). -
Configure permissions (required for protected routes) Without
auth.permissions, authenticated users cannot access protected routes. Prefer early configuration:export default defineNuxtConfig({ modules: ['nuxt-users'], nuxtUsers: { auth: { permissions: { admin: ['*'], user: ['/profile', '/api/nuxt-users/me'] } } } }) -
Use login in a page
- Use the
NUsersLoginFormcomponent and handle@successby callinglogin(user)fromuseAuthentication(). - Optionally redirect after login (e.g.
navigateTo('/')).
- Use the
Configuration reference (nuxt.config.ts)
All options live under nuxtUsers in nuxt.config.ts.
| Area | Key | Notes |
|---|---|---|
| Database | connector.name | 'sqlite' | 'mysql' | 'postgresql' |
| Database | connector.options | path (SQLite), or host, port, user, password, database (MySQL/PostgreSQL) |
| API | apiBasePath | Default '/api/nuxt-users' |
| Tables | tables.users, tables.personalAccessTokens, tables.passwordResetTokens, tables.migrations | Custom table names |
| Mailer | mailer | Nodemailer config for password reset emails |
| URLs | passwordResetUrl, emailConfirmationUrl | Paths for redirects |
| Auth | auth.whitelist | Public routes (e.g. ['/register']); /login is always public |
| Auth | auth.tokenExpiration | Minutes (default 1440) |
| Auth | auth.rememberMeExpiration | Days (default 30) |
| Auth | auth.permissions | Role → paths (e.g. admin: ['*'], user: ['/profile']) |
| Auth | auth.google | Google OAuth: clientId, clientSecret, callbackUrl, etc. |
| Password | passwordValidation | minLength, requireUppercase, requireLowercase, requireNumbers, requireSpecialChars, preventCommonPasswords |
| Data | hardDelete | true = hard delete, false = soft delete (default) |
| Locale | locale.default, locale.texts, locale.fallbackLocale | Localization |
Runtime config is also supported: use runtimeConfig.nuxtUsers for env-based or server-only settings. The CLI merges that when loadNuxt succeeds from the project root. If loadNuxt fails (no nuxt.config, output-only deploy, or missing nuxt/@nuxt/kit under --omit=dev), the CLI falls back to DB_* env vars and defaults for other options — custom tables / passwordValidation from config may not apply. See docs/user-guide/configuration.md (CLI sections).
CLI commands
Run from the project root so nuxt.config.ts (and optionally .env) are found.
-
Migrations
npx nuxt-users migrate -
Create user
npx nuxt-users create-user -e <email> -n "<name>" -p <password> [-r <role>] -
Legacy/table creation (if needed for older setups)
npx nuxt-users create-users-table npx nuxt-users create-personal-access-tokens-table npx nuxt-users create-password-reset-tokens-table npx nuxt-users create-migrations-table
Production: The CLI is not inside
.output/alone; you neednuxt-users(and peers) installed where you run Node.npxmay download the package if absent. Apackage.jsonscript ("nuxt-users": "nuxt-users") uses the local binary. Full config requires the app root withnuxt.configand resolvable@nuxt/kit; build-only oromit=devdeploys often hit env fallback (DB_*) instead — see configuration docs.
Composables (auto-imported)
- useAuthentication() —
user,isAuthenticated,login(user, rememberMe?),logout(),fetchUser(useSSR?),initializeUser() - useUsers() — Admin:
users,pagination,loading,error,fetchUsers(page?, limit?),updateUser,addUser,removeUser(userId) - usePublicPaths() —
getPublicPaths(),getAccessiblePaths(),isPublicPath(path),isAccessiblePath(path, method?) - usePasswordValidation(moduleOptions?, options?) —
validate(password),isValid,errors,strength,score,clearValidation() - useNuxtUsersLocale() —
t(key, params?),currentLocale,fallbackLocale
Components
NUsersLoginForm— Login form; use@successto calllogin(user)fromuseAuthentication()NUsersLogoutLink— Logout link/buttonNUsersProfileInfo— Display profileNUsersResetPasswordForm— Password reset formNUsersList— List users (admin)NUsersUserForm— Create/edit user form
Common edge cases
-
Users get redirected to login on protected routes
ConfigurenuxtUsers.auth.permissionsso each role has access to the routes they need (e.g.admin: ['*'],user: ['/profile']). -
CLI says config not found or uses wrong tables / password rules
Run the CLI from the directory that containsnuxt.config. If you only deploy.output/or run withnuxtomitted from production,loadNuxtmay fail and the CLI usesDB_*fallback with defaults for non-connector options. SetDB_*(and see docs) or run the CLI from CI with a full app checkout. -
Migrations table missing
Runnpx nuxt-users migrateonce from the project root. The module will warn at runtime if the migrations table is missing. -
Password validation too strict
AdjustnuxtUsers.passwordValidation(e.g. lowerminLength, setrequireUppercase/requireNumbers/requireSpecialCharstofalse). Do not disable all checks in production without good reason. -
Database driver errors
Install the correct peer: SQLite →better-sqlite3, MySQL →mysql2, PostgreSQL →pg. Ensureconnector.nameandconnector.optionsmatch the driver and environment (e.g. correct host, port, credentials). -
Google OAuth
SetnuxtUsers.auth.googlewithclientId,clientSecret, and optionallycallbackUrl,successRedirect,errorRedirect,scopes,allowAutoRegistration.
File references
- Project LLM context and config types: llms.txt in the repo root
- Full docs: https://nuxt-users.webmania.cc/
- Getting started and examples:
../../docs/user-guide/getting-started.md,../../docs/examples/basic-setup.md - Authorization:
../../docs/user-guide/authorization.md - Configuration details:
../../docs/user-guide/configuration.md
Keep nuxtUsers config and permissions in sync with the app’s roles and routes; use guard clauses and early returns when implementing custom auth logic.