@sheetbase/auth

User management system for Sheetbase app.

Installation

Install: npm install --save @sheetbase/auth
Usage:

// 1. import module
import { AuthModule } from "@sheetbase/auth";

// 2. create an instance
export class App {
  // the object
  authModule: AuthModule;

  // initiate the instance
  constructor() {
    this.authModule = new AuthModule(/* options */);
  }
}

Options

Name	Type	Description
encryptionSecret	`string`
oobBody?	`OobBody`
oobSubject?	`OobSubject`
oobUrl?	`string \| OobUrl`

Lib

The Lib class.

Lib properties

Name	Type	Description
authActionRoute	`AuthActionRoute`
authOauthRoute	`AuthOauthRoute`
authOobRoute	`AuthOobRoute`
authPublicRoute	`AuthPublicRoute`
authRoute	`AuthRoute`
authService	`AuthService`
authTokenRoute	`AuthTokenRoute`
authUserRoute	`AuthUserRoute`
helperService	`HelperService`
idTokenMiddleware	`IdTokenMiddleware`
oauthService	`OauthService`
oobService	`OobService`
optionService	`OptionService`
tokenService	`TokenService`
userMiddleware	`UserMiddleware`

Lib methods

Function	Returns type	Description
registerRoutes(routeEnabling?, middlewares?)	`RouterService<>`	Expose the module routes
useUserMiddleware()	`RoutingHandler`
userIdTokenMiddleware()	`RoutingHandler`

`registerRoutes(routeEnabling?, middlewares?)`

Expose the module routes

Parameters

Param	Type	Description
routeEnabling	`true \| DisabledRoutes`
middlewares	`Middlewares \| RouteMiddlewares`

Returns

RouterService<>

`useUserMiddleware()`

The useUserMiddleware call signature.

Returns

RoutingHandler

`userIdTokenMiddleware()`

The userIdTokenMiddleware call signature.

Returns

RoutingHandler

Routing

AuthModule provides REST API endpoints allowing clients to access server resources. Theses enpoints are not exposed by default, to expose the endpoints:

AuthModule.registerRoutes(routeEnabling?);

Errors

AuthModule returns these routing errors, you may use the error code to customize the message:

auth/invalid-email: Invalid email.
auth/invalid-input: Invalid input.
auth/invalid-password: Invalid password.
auth/invalid-token: Invalid token.
auth/user-exists: User already exists.
auth/user-not-exists: No user.

Routes

Routes overview

Route	Method	Disabled	Description
/auth/action	`GET`	`true`	Default oob ui
/auth/action	`POST`	`true`	Handle for oob action
/auth/oauth	`GET`	`true`	Get oauth user profile
/auth/oob	`GET`	`true`	Check an oob code
/auth/oob	`POST`	`true`	Handle oob actions
/auth/oob	`PUT`	`true`	Send oob emails
/auth/public	`GET`	`true`	Get user public profiles
/auth	`DELETE`	`true`	Logout or delete account
/auth	`POST`	`true`	Log a user in
/auth	`PUT`	`true`	Create new account
/auth/token	`GET`	`true`	exchange the refresh token for a new id token
/auth/user	`GET`	`true`	Get auth user profile
/auth/user	`PATCH`	`true`	Update auth user data

Routes detail

`GET` /auth/action

DISABLED Default oob ui

Request query

Name	Type	Description
mode	`string`
oobCode	`string`

Response

string

`POST` /auth/action

DISABLED Handle for oob action

Request body

Name	Type	Description
mode	`string`
oobCode	`string`
newPassword?	`string`

Response

object

`GET` /auth/oauth

DISABLED Get oauth user profile

Request query

Name	Type	Description
providerId	`UserProviderId`
accessToken	`string`

Response

object

`GET` /auth/oob

DISABLED Check an oob code

Request query

Name	Type	Description
oobCode	`string`
mode	`string`

Response

object

`POST` /auth/oob

DISABLED Handle oob actions

Request body

Name	Type	Description
oobCode	`string`
mode	`string`
newPassword?	`string`

Response

void

`PUT` /auth/oob

DISABLED Send oob emails

Request body

Name	Type	Description
mode	`string`
email	`string`

Response

void

`GET` /auth/public

DISABLED Get user public profiles

Request query

Name	Type	Description
uid?	`string`
uids?	`string`

Response

UserProfile | object

`DELETE` /auth

DISABLED Logout or delete account

Request body

Name	Type	Description
cancelAccount?	`boolean`
refreshToken?	`string`

Middleware data

Name	Type	Description
user	`UserObject`

Response

void

`POST` /auth

DISABLED Log a user in

Request body

Name	Type	Description
email?	`string`
password?	`string`
customToken?	`string`
offlineAccess?	`boolean`

Response

Record<string, unknown>

`PUT` /auth

DISABLED Create new account

Request body

Name	Type	Description
email?	`string`
password?	`string`

Response

object

`GET` /auth/token

DISABLED exchange the refresh token for a new id token

Request query

Name	Type	Description
refreshToken	`string`

Response

object

`GET` /auth/user

DISABLED Get auth user profile

Middleware data

Name	Type	Description
user	`UserObject`

Response

UserInfo

`PATCH` /auth/user

DISABLED Update auth user data

Request body

Name	Type	Description
profile?	`UserEditableProfile`
additionalData?	`Record`
settings?	`Record`
publicly?	string[
]
privately?	string[
]
username?	`string`
currentPassword?	`string`
newPassword?	`string`

Middleware data

Name	Type	Description
user	`UserObject`

Response

UserInfo

License

@sheetbase/auth is released under the MIT license.