@drvalue-oss/iam-core
v0.1.1
Published
Framework-agnostic primitives for drvalue IAM: types, constants, JWT decode, token storage, login URL builders
Readme
@drvalue-oss/iam-core
Framework-agnostic primitives for drvalue IAM. Used by all other @drvalue-oss/iam-* packages and safe to use directly from Vite SPAs, Workers, scripts — anywhere that doesn't need a NestJS or Next.js adapter.
Install
pnpm add @drvalue-oss/iam-coreWhat's in here
| Symbol | Purpose |
|---|---|
| IamUserPayload, JwtPayload, GroupMembership, IamTokenResponse | Typed wire-shapes for IAM JWT claims, X-User-* headers, and /auth/token/* responses |
| IAM_ENDPOINTS, STORAGE_KEYS, IAM_HEADERS, IAM_ROLE | Constants kept in sync with the IAM server. Use these instead of string literals. |
| decodeJwtPayload(token) | base64url decode of the JWT payload. Does not verify the signature — gateway does that. |
| getAccessToken / setAccessToken / clearAccessToken / getTokenExpiresAt / isTokenExpiringSoon | localStorage-backed token helpers |
| configureTokenStorage({ accessToken, tokenExpiresAt }) | Override storage keys for multi-app coexistence |
| createAuthOrigin<TOrigin>({ defaultOrigin, storageKey }) | sessionStorage marker for apps that have multiple parallel login flows (e.g. user vs admin) |
| buildLoginUrl({ iamBaseUrl, callbackUrl, extraParams }) | Construct the IAM login redirect URL |
| buildRegisterUrl(...) | Same as above but for the register page |
Example
import {
buildLoginUrl,
setAccessToken,
decodeJwtPayload,
isTokenExpiringSoon,
} from '@drvalue-oss/iam-core';
const loginUrl = buildLoginUrl({
iamBaseUrl: 'https://iam.drvalue.co.kr',
callbackUrl: 'https://app.drvalue.co.kr/auth/callback',
extraParams: { from: 'user' },
});
window.location.href = loginUrl;
// ...after callback resolves the token:
setAccessToken(accessToken, expiresIn);
const payload = decodeJwtPayload(accessToken);
console.log(payload.email);
if (isTokenExpiringSoon(60_000)) {
// refresh now
}