Cookie is not set if token is too long

[SpilmontFrancois]

Environment

• Operating System: Windows_NT
• Node Version: v22.14.0
• Nuxt Version: 3.18.1
• CLI Version: 3.28.0
• Nitro Version: 2.11.8
• Package Manager: yarn@1.22.19
• Builder: -
• User Config: compatibilityDate, devtools, modules, plugins, css, ssr, typescript, fontawesome, svgo, i18n, spaLoadingTemplate, auth, pwa, vite, postcss, runtimeConfig, sentry, sourcemap
• Runtime Modules: @nuxtjs/i18n@9.5.6, @sidebase/nuxt-auth@0.10.1, @vueuse/nuxt@13.7.0, @nuxtjs/color-mode@3.5.2, nuxt-svgo@4.2.6, @vite-pwa/nuxt@1.0.4, @vesp/nuxt-fontawesome@1.2.1, @sentry/nuxt/module@9.46.0, @nuxt/eslint@1.4.1
• Build Modules: -

Reproduction

/

Describe the bug

I have the following config in my nuxt.config.ts :

auth: {
    baseURL: process.env.API_AUTH_URL,
    globalAppMiddleware: {
      isEnabled: true,
    },
    provider: {
      type: "local",
      endpoints: {
        signIn: { path: "/api/login", method: "post" },
        signOut: { path: "/api/logout", method: "post" },
        getSession: { path: "/api/user", method: "get" },
      },
      token: {
        signInResponseTokenPointer: "/token",
        maxAgeInSeconds: Number(process.env.MAX_AGE_TOKEN),
        cookieName: "auth.token",
      },
      session: {
        dataResponsePointer: "/data",
      },
      refresh: {
        isEnabled: true,
        endpoint: {
          path: "/api/refresh",
          method: "post",
        },
        refreshOnlyToken: false,
        token: {
          signInResponseRefreshTokenPointer: "/refresh_token",
          maxAgeInSeconds: Number(process.env.MAX_AGE_REFRESH_TOKEN),
          cookieName: "auth.refresh-token",
        },
      },
    },
  }

In my backend, the token returned on the login call is a JWT token including an array of rights belonging to the user.
If this token is too long, it won't be saved in a cookie and the user will have to login at every refresh of the page.
The token I tried to use was 4609 characters long, I managed to reduce its size but I think it should be noted in the documentation that there are some size limits about the cookie size (or a console error when setting the cookie).

Additional context

No response

Logs

[phoenix-ru]

Hi @SpilmontFrancois, this is a bug in local provider which doesn't let you save a very long JWT. I believe that authjs provider already breaks the cookie into multiple chunks when saving it (automatically in AuthJs), we might need to implement the same logic for local. Can't say much about the timeline as I want to focus on features listed in #1028 first.
Your contributions are as always welcome!