This is a small Nuxt test application for validating Vercel Bot ID on login and signup flows.
POST /api/auth/loginPOST /api/auth/signup
The browser app initializes Bot ID for both routes. The server handlers call checkBotId() and return:
200withverdict: "human"when the request passes Bot ID.403withverdict: "bot"when Bot ID classifies the request as automation.
Both client and server Bot ID checks explicitly use advancedOptions.checkLevel: "basic" so the protected route configuration matches on each side.
pnpm install
pnpm devOpen the local URL and use Test human request. The UI also renders a curl command for the selected endpoint.
Local development verifies that the Bot ID client and server calls are wired correctly. On localhost, the rendered curl command includes ?simulate=bot, which uses Bot ID's documented developmentOptions.bypass: 'BAD-BOT' behavior to exercise the blocked response locally.
After deploying to Vercel, copy the curl command from the UI. The deployed UI does not include the local simulation query parameter. A direct curl request should return an HTTP 403 response containing a JSON body with verdict: "bot" based on real Bot ID classification.
The Nuxt config includes:
modules: ['botid/nuxt']Deploy the app to Vercel, enable/configure Bot ID for the project if required by your account, then validate both flows from the hosted URL.