npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

authress-login

v2.1.213

Published

Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.

Downloads

741

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

rhosysrhosyswparadwparad

Keywords

authenticationauthentication as a serviceLoginLogin Clientuniversal loginauthfederated loginsecure loginapplication securityIDaaSauthenticationuser authenticationuser identityOauth2Oauth2.1Oauth3platformplatform loginextensionAuthressAuthress clientuser security

Readme

Authress Login SDK for UIs

The Authress Universal Login SDK for javascript app websites and user identity authentication. Used to integrate with the authentication as a service provider Authress at https://authress.io.

npm version

Usage

npm install @authress/login

Then required the package:

const { LoginClient } = require('@authress/login');

Troubleshooting usage

Troubles with esbuild or another bundler, checkout the build tools troubleshooting page.

Getting Started

Part 0: Setup Authress Login

You'll want to create:

  • at least one provider connection - https://authress.io/app/#/manage?focus=connections
  • an application which represents your web app - https://authress.io/app/#/manage?focus=applications

Part 1: Web App UI

On every route change check to see if the user exists, and if they don't redirect them to a login prompt.

const { LoginClient } = require('@authress/login');

// What is my applicationId => https://authress.io/app/#/manage?focus=applications
// What is my authressLoginHostUrl? => https://authress.io/app/#/setup?focus=domain
const loginClient = new LoginClient({ authressLoginHostUrl: 'https://login.application.com', applicationId: 'YOUR_APPLICATION_ID' });
const isUserLoggedIn = await loginClient.userSessionExists();
if (!isUserLoggedIn) {
  window.location.assign('/login');
}

In your app's login screen when the user selects how they would like to login, direct them there. And also specify where you would like Authress to redirect the user to after login. By default this is the user's current location.

await loginClient.authenticate({ connectionId: 'SELECTED_CONNECTION_ID', redirectUrl: window.location.href });
// Or if you know which tenant the user wants to log in with:
await loginClient.authenticate({ tenantLookupIdentifier: 'tenant-subdomain.app.com', redirectUrl: window.location.href });
return;

Then get the user access token associated with the user's login to be used for authorization in the next part:

const userToken = await loginClient.ensureToken();

Part 2: User Authentication in Service APIs

To authenticate the user in your service API, the token generated by the library in Part 1 needs to be passed to your service. The standard is pulling it from the loginClient, and putting it into an Authorization header:

const userToken = await loginClient.ensureToken();
const result = await fetch('https://api.application.com/v1/route', {
  method: 'GET',
  headers: {
    'Authorization': `Bearer ${userToken}`
  }
})

On the service API side, pull in the Authress service client companion library, and then verify the access token.

  • First install the companion library: npm install authress-sdk
  • Then verify the incoming tokens from the Authorization header:
const { TokenVerifier } = require('authress-sdk');

try {
  // Grab authorization token from the request header, the best way to do this will be framework specific.
  const userToken = request.headers['Authorization'];
  // Specify your custom domain for tokens. Configurable at https://authress.io/app/#/manage?focus=applications
  const userIdentity = await TokenVerifier('https://login.application.com', userToken);
} catch (error) {
  console.log('User is unauthorized', error);
  return { statusCode: 401 };
}

Platform Extension Login

The goal of the platform extension is to make it easy for your platform extension developers to login with Authress. Embed the ExtensionClient in your javascript UI SDK, and pass in the extensionId.

const { ExtensionClient } = require('@authress/login');

// What is my custom Domain? => https://authress.io/app/#/setup?focus=domain
// What is my extensionId => https://authress.io/app/#/manage?focus=extensions
const extensionClient = new ExtensionClient('https://login.application.io', extensionId);

// redirectUrl is where the extension would like to return the user to after login
// * This method will redirect the user to the Authress Login UI screen with an auth code
const { accessToken } = await extensionClient.login(redirectUrl);

// .... After login the user is redirected to the redirectUrl
// * So try the login again:
const { accessToken } = await extensionClient.login(redirectUrl);

// * Or get the user claims from the token
await userData = await this.getUserIdentity();

Advanced

Curious exactly how these methods work and when they should be used? We have some advanced guidance available for each of the methods on the method documentation.

Contributing

Validating index.d.ts type definitions

For validation it helps to generate and compare the types to the generated files using:

npx typescript index.js --declaration --allowJs --emitDeclarationOnly --outDir types