@sheetbase/auth

User management system for Sheetbase app.

Usage no npm install needed!

<script type="module">
  import sheetbaseAuth from 'https://cdn.skypack.dev/@sheetbase/auth';
</script>

README

Installation

  • Install: npm install --save @sheetbase/auth

  • Usage:

// 1. import module
import { AuthModule } from "@sheetbase/auth";

// 2. create an instance
export class App {
  // the object
  authModule: AuthModule;

  // initiate the instance
  constructor() {
    this.authModule = new AuthModule(/* options */);
  }
}

Options

Name Type Description
encryptionSecret string
oobBody? OobBody
oobSubject? OobSubject
oobUrl? string | OobUrl

Lib

The Lib class.

Lib properties

Name Type Description
authActionRoute AuthActionRoute
authOauthRoute AuthOauthRoute
authOobRoute AuthOobRoute
authPublicRoute AuthPublicRoute
authRoute AuthRoute
authService AuthService
authTokenRoute AuthTokenRoute
authUserRoute AuthUserRoute
helperService HelperService
idTokenMiddleware IdTokenMiddleware
oauthService OauthService
oobService OobService
optionService OptionService
tokenService TokenService
userMiddleware UserMiddleware

Lib methods

Function Returns type Description
registerRoutes(routeEnabling?, middlewares?) RouterService<> Expose the module routes
useUserMiddleware() RoutingHandler
userIdTokenMiddleware() RoutingHandler

registerRoutes(routeEnabling?, middlewares?)

Expose the module routes

Parameters

Param Type Description
routeEnabling true | DisabledRoutes
middlewares Middlewares | RouteMiddlewares

Returns

RouterService<>


useUserMiddleware()

The useUserMiddleware call signature.

Returns

RoutingHandler


userIdTokenMiddleware()

The userIdTokenMiddleware call signature.

Returns

RoutingHandler


Routing

AuthModule provides REST API endpoints allowing clients to access server resources. Theses enpoints are not exposed by default, to expose the endpoints:

AuthModule.registerRoutes(routeEnabling?);

Errors

AuthModule returns these routing errors, you may use the error code to customize the message:

  • auth/invalid-email: Invalid email.
  • auth/invalid-input: Invalid input.
  • auth/invalid-password: Invalid password.
  • auth/invalid-token: Invalid token.
  • auth/user-exists: User already exists.
  • auth/user-not-exists: No user.

Routes

Routes overview

Route Method Disabled Description
/auth/action GET true Default oob ui
/auth/action POST true Handle for oob action
/auth/oauth GET true Get oauth user profile
/auth/oob GET true Check an oob code
/auth/oob POST true Handle oob actions
/auth/oob PUT true Send oob emails
/auth/public GET true Get user public profiles
/auth DELETE true Logout or delete account
/auth POST true Log a user in
/auth PUT true Create new account
/auth/token GET true exchange the refresh token for a new id token
/auth/user GET true Get auth user profile
/auth/user PATCH true Update auth user data

Routes detail

GET /auth/action

DISABLED Default oob ui

Request query

Name Type Description
mode string
oobCode string

Response

string


POST /auth/action

DISABLED Handle for oob action

Request body

Name Type Description
mode string
oobCode string
newPassword? string

Response

object


GET /auth/oauth

DISABLED Get oauth user profile

Request query

Name Type Description
providerId UserProviderId
accessToken string

Response

object


GET /auth/oob

DISABLED Check an oob code

Request query

Name Type Description
oobCode string
mode string

Response

object


POST /auth/oob

DISABLED Handle oob actions

Request body

Name Type Description
oobCode string
mode string
newPassword? string

Response

void


PUT /auth/oob

DISABLED Send oob emails

Request body

Name Type Description
mode string
email string

Response

void


GET /auth/public

DISABLED Get user public profiles

Request query

Name Type Description
uid? string
uids? string

Response

UserProfile | object


DELETE /auth

DISABLED Logout or delete account

Request body

Name Type Description
cancelAccount? boolean
refreshToken? string

Middleware data

Name Type Description
user UserObject

Response

void


POST /auth

DISABLED Log a user in

Request body

Name Type Description
email? string
password? string
customToken? string
offlineAccess? boolean

Response

Record<string, unknown>


PUT /auth

DISABLED Create new account

Request body

Name Type Description
email? string
password? string

Response

object


GET /auth/token

DISABLED exchange the refresh token for a new id token

Request query

Name Type Description
refreshToken string

Response

object


GET /auth/user

DISABLED Get auth user profile

Middleware data

Name Type Description
user UserObject

Response

UserInfo


PATCH /auth/user

DISABLED Update auth user data

Request body

Name Type Description
profile? UserEditableProfile
additionalData? Record<string, unknown>
settings? Record<string, unknown>
publicly?

string[

]
privately?

string[

]
username? string
currentPassword? string
newPassword? string

Middleware data

Name Type Description
user UserObject

Response

UserInfo


License

@sheetbase/auth is released under the MIT license.