npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@rkdev3/magic-link

v0.1.0

Published

A lightweight TypeScript library for generating and verifying magic links for passwordless authentication.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

rkdev3rkdev3

Keywords

magic-linkpasswordlessauthenticationtypescriptnode

Readme

🔑 Magic-link Authentication (Minimal TypeScript Package)

License: MIT TypeScript

A lightweight utility to generate and validate magic links for authentication workflows.
Built with TypeScript, zero external dependencies, and designed for learning + experimentation.

📖 About this project

I initially built this package to learn and experiment with how magic link authentication works, while creating a minimal, reusable utility for my own projects.

Along the way, I wanted to:

  • Deepen my knowledge of TypeScript and package development
  • Learn the full flow of publishing and maintaining an NPM package
  • Build a tool that’s simple but potentially useful for others

This package is still evolving 🚧 — new features will be added gradually.

⚠️ Disclaimer

This package was built primarily for learning and experimentation. While it works, it may not be fully production-ready. Use at your own risk, and double-check security practices before deploying in critical systems.

✨ Features

  • 🔑 Generate magic links with unique tokens
  • ⏱ Configurable expiry times
  • 📦 No external dependencies
  • 🧩 TypeScript-first API
  • 🪶 Lightweight and minimal by design

📦 Installation

npm install @rkdev3/magiclink

🚀 Usage

⚡ Quick Start

Here’s a minimal Express.js example showing how to create and validate magic links.

import express from "express";
import dotenv from "dotenv";
import { createMagicLink, magicLinkMiddleware } from "@rkdev3/magic-link";

const app = express();
app.use(express.json());
dotenv.config();

const SECRET = process.env.SECRET as string;     // Your secret key
const BASE_URL = process.env.BASE_URL as string; // Your app's base URL

// 1️⃣ Route to generate a magic link
app.post("/create", (req, res) => {
  const email = req.body.email as string | undefined;

  if (!email) {
    return res.status(400).json({ error: "Email is required" });
  }

  const link = createMagicLink(email, {
    secret: SECRET,
    baseUrl: BASE_URL,
  });

  res.send(`Magic link: <a href="${link}">${link}</a>`);
});

// 2️⃣ Route protected by magic link middleware
app.get("/auth", magicLinkMiddleware(SECRET), (req, res) => {
  res.send(`Welcome ${(req as any).magicUser}`);
});

app.listen(3000, () => console.log("✅ Server running on http:/localhost:3000"));

📌 How It Works

  • Client sends an email to /create.

  • Server responds with a magic link.

  • User clicks the link → redirected to /auth.

  • magicLinkMiddleware validates it and grants access.

🔑 Environment Variables

Make sure you set these in your .env file:


SECRET=your-secret-key
BASE_URL=http://localhost:9000/auth

🛠 API Reference

createMagicLink(email: string, options: { secret: string, baseUrl: string })

  • Generates a signed magic link for the given email.

magicLinkMiddleware(secret: string)

  • Express middleware that validates magic links.
  • If valid → attaches req.magicUser and calls next().

##🧪 Testing It Locally


# Run the server
npm run dev

# In another terminal, send a request
curl -X POST http://localhost:9000/create \
  -H "Content-Type: application/json" \
  -d '{"email":"[email protected]"}'

Click the returned link in your browser → you should see Welcome user@examplecom.

📌 Roadmap

  • Token expiry support

  • Integration with Nodemailer (send link via email)

  • Examples with Next.js & React

🤝 Contributing

PRs, issues, and discussions welcome!

📄 License

MIT © 2025 Ragini K