npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@voyantjs/auth-react

v0.95.0

Published

React runtime package for Voyant authentication and optional workspace state.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

gabrielpxmgabrielpxmmihaipxmmihaipxm

Keywords

Readme

@voyantjs/auth-react

React runtime package for Voyant authentication and optional workspace state.

This package wraps the shared Voyant auth HTTP contract:

  • /auth/me
  • PATCH /auth/me
  • /auth/status
  • /auth/request-password-reset
  • /auth/reset-password
  • /auth/sign-in/email
  • /auth/change-password
  • /auth/email-otp/request-email-change
  • /auth/email-otp/change-email
  • /auth/sign-up/email
  • /auth/verify-email
  • /auth/email-otp/verify-email
  • /auth/workspace/current
  • /auth/workspace/active-organization
  • /auth/organization/list-members
  • /auth/organization/list-invitations
  • /auth/organization/invite-member
  • /auth/organization/accept-invitation
  • /auth/organization/update-member-role
  • /auth/organization/remove-member
  • /auth/organization/cancel-invitation
  • /auth/api-tokens
  • /auth/api-tokens/:keyId

It provides reusable React surfaces for:

  • current user state
  • account profile, password, and email-change mutations
  • optional workspace and organization state
  • organization member listing
  • organization invitation listing
  • email/password sign-in
  • email/password sign-up
  • email verification by Better Auth token or email OTP
  • password reset request and confirmation
  • invite, accept, cancel, remove, and role update mutations
  • API token listing, creation, update, and deletion

Sign-In

useSignIn() exposes the shared email/password Better Auth flow:

const signIn = useSignIn()

await signIn.email.mutateAsync({
  email,
  password,
  callbackURL: "/",
})

After Better Auth accepts the credentials, the hook calls /auth/status to provision the Voyant user profile if needed and invalidates the current auth queries.

Account self-service

useUpdateAccountProfile() updates Voyant profile fields through PATCH /auth/me and refreshes the current-user query:

const updateProfile = useUpdateAccountProfile()

await updateProfile.mutateAsync({
  firstName: "Ana",
  lastName: "Pop",
  locale: "ro",
  timezone: "Europe/Bucharest",
  profilePictureUrl: null,
})

Apps can mount handleAccountProfileRequest(...) from @voyantjs/auth/server to provide this route without depending on a specific template. The mounted route validates the session, calls updateCurrentUserProfile(...) from @voyantjs/auth/workspace, and returns the updated current-user shape.

Password and email changes call the mounted Better Auth API:

const changePassword = useChangeAccountPassword()
await changePassword.mutateAsync({
  currentPassword,
  newPassword,
  revokeOtherSessions: true,
})

const requestEmailChange = useRequestAccountEmailChange()
await requestEmailChange.mutateAsync({ newEmail })

const confirmEmailChange = useConfirmAccountEmailChange()
await confirmEmailChange.mutateAsync({ newEmail, otp })

Sign-Up

useSignUp() exposes the shared email/password Better Auth registration flow:

const signUp = useSignUp()

await signUp.email.mutateAsync({
  name,
  email,
  password,
  callbackURL: "/",
})

The hook posts to the mounted Better Auth /auth/sign-up/email endpoint, calls /auth/status after success for profile provisioning fallback, and invalidates the current auth queries. Invitation-backed registration should use the app's invitation redemption endpoint, because Better Auth email sign-up cannot redeem Voyant admin-issued invite tokens.

Invitation Acceptance

useAcceptInvitation() posts a Better Auth organization invitation token to the mounted /auth/organization/accept-invitation endpoint:

const acceptInvitation = useAcceptInvitation()

await acceptInvitation.mutateAsync({ token: invitationId })

The helper also accepts Better Auth's native field name:

await acceptInvitation.mutateAsync({ invitationId })

On success, current-user, current-workspace, organization-member, and organization-invitation queries are invalidated so app shells can refresh their membership state.

Password Reset

useRequestPasswordReset() and useConfirmPasswordReset() expose the mounted Better Auth reset-password endpoints:

const requestReset = useRequestPasswordReset()

await requestReset.mutateAsync({
  email,
  redirectTo: "https://operator.example/reset-password",
})

const confirmReset = useConfirmPasswordReset()

await confirmReset.mutateAsync({
  token,
  newPassword,
})

The request hook posts to /auth/request-password-reset with email and redirectTo. The confirm hook posts to /auth/reset-password with token and newPassword, then invalidates the current auth queries.

Email Verification

useVerifyEmail() exposes the shared Better Auth verification flow. Token links call the mounted Better Auth /auth/verify-email endpoint; OTP verification uses the email OTP plugin route used by the templates.

const verifyEmail = useVerifyEmail()

await verifyEmail.mutateAsync({ token })
await verifyEmail.mutateAsync({ email, otp })

After verification succeeds, the hook calls /auth/status to provision the Voyant user profile if needed and invalidates the current auth queries.

Single-Tenant Apps

Single-tenant operator apps should bootstrap their shell from useCurrentUser() or /auth/me only. useCurrentWorkspace(), useWorkspaceMutation(), organization member hooks, and invitation hooks are opt-in team/workspace surfaces for apps that expose Better Auth organization routes.

Do not make workspace queries part of the base admin loading gate unless the app intentionally requires organization switching or team management. Apps that do not mount the organization routes can still use the current-user hooks without providing /auth/workspace/current or /auth/organization/* endpoints.

API Tokens

The API-token hooks call Voyant's /auth/api-tokens facade, not Better Auth's raw /auth/api-key/* plugin routes. Mount handleApiTokenManagementRequest(...) from @voyantjs/auth/server before falling through to auth.handler(request) so the shared UI can manage permissioned voy_ service tokens.