@restheart-cloud/kit-ng
v0.1.9
Published
Angular service, route guards, and HTTP interceptor for RESTHeart Cloud authentication — wraps @restheart-cloud/kit.
Downloads
549
Readme
@restheart-cloud/kit-ng
Wraps @restheart-cloud/kit in an Angular service with signals, route guards, and an HTTP interceptor.
Pairs with RESTHeart Cloud, which gives you a production-ready backend — MongoDB, REST API, authentication, signup/signin, all managed.
Installation
npm install @restheart-cloud/kit-ng @restheart-cloud/kitSetup
In app.config.ts:
import { provideRhAuth } from '@restheart-cloud/kit-ng';
export const appConfig: ApplicationConfig = {
providers: [
provideRhAuth({ apiBaseUrl: environment.apiUrl }),
],
};That one call registers RhAuthService, adds the HTTP interceptor (attaches the Bearer token, clears session on 401), and sets up the DI config.
How sessions work
The kit uses a Bearer token stored in localStorage — no cookies.
login()stores the token inlocalStorageand schedules a proactive refresh at 80% of the token's TTL (~12 minutes for a 15-minute token).- Every authenticated request sends
Authorization: Bearer <token>automatically. - Sessions survive page reloads as long as the token hasn't expired.
- If the token expires (laptop asleep, tab backgrounded too long, or the user hasn't interacted for 15+ minutes), the next API call gets a 401 and the session is cleared — the user sees "logged out," not a silent failure.
RhAuthService
Inject it anywhere and use signals directly in templates:
@Component({
template: `
@if (auth.isAuthenticated()) {
<span>{{ auth.user()?.profile?.firstName }}</span>
@if (auth.hasMultipleTeams()) {
<team-switcher [teams]="auth.teams()" />
}
}
`
})
export class AppComponent {
auth = inject(RhAuthService);
}Signals
| Signal | Type | Description |
|---|---|---|
| user | Signal<UserInfo \| null> | Authenticated user, or null |
| isAuthenticated | Signal<boolean> | Derived from user |
| teams | Signal<TeamMembership[]> | Teams the user belongs to |
| hasMultipleTeams | Signal<boolean> | true when user has more than one team |
Methods
All methods return Observable:
auth.checkSession() // Observable<UserInfo | null> — reads localStorage, no HTTP if no token
auth.login(email, password) // Observable<UserInfo>
auth.logout() // Observable<void>
auth.register(payload) // Observable<void>
auth.verify(email, token) // Observable<void>
auth.invite(email, role) // Observable<void>
auth.getInvitation(email, token) // Observable<Invitation>
auth.activate(payload) // Observable<void>
auth.acceptInvite(token) // Observable<void>
auth.switchTeam(teamId) // Observable<void> — re-fetches session
auth.forgotPassword(email) // Observable<void>
auth.resetPassword(payload) // Observable<void>Guards
import { authGuard, publicGuard } from '@restheart-cloud/kit-ng';
export const routes: Routes = [
{
path: 'app',
canActivate: [authGuard], // redirects to /auth/login if not authenticated
loadComponent: () => import('./shell/shell.component'),
},
{
path: 'auth/login',
canActivate: [publicGuard], // redirects to /app if already authenticated
loadComponent: () => import('./pages/login/login.component'),
},
];authGuard checks the in-memory token first — no HTTP call if the user is already authenticated in the current session.
Quickstart
The fastest path to a working app:
- Create a service on RESTHeart Cloud
- Fork
restheart-cloud-starter-ng - Set
apiBaseUrlinenvironment.ts ng serve
You get login, signup, email verification, invitations, password reset, and multi-team switching — all wired up.
