@cto.ai/ops-ctrl-account
v1.0.1
Published
cto.ai account management library
Downloads
6
Keywords
Readme
@cto.ai/ops-ctrl-account
cto.ai account management library
JWT-based identity and access management
API
This is a native ESM module.
account(opts) => instance
Options:
realm
- auth server realm nameurl
- auth server URLid
- client idpages
- an object that must contain the following properties:signup
,signin
,error
. Each must hold aBuffer
instance, containin HTML to redirect a users browser after a user has registered, logged in or if there was an error, respectively.backend
default:false
- backend mode limited API. Only functionality that doesn't rely on client-side browser interactions is supplied:refresh
,signout
andsignin
, wheresignin
must be passed user and password. Pages are not required whenbackend
istrue
.
Tokens objects:
Much of the API either accepts or outputs tokens
. A tokens object has the following shape:
{
accessToken: string
refreshToken: string
idToken: string
sessionState: string
}
instance.signup() => Promise => tokens
Opens the default browser to the registration URL and supplies tokens
once the registration process has been completed in the browser.
instance.signin(opts) => Promise => tokens
Triggers a browser-based login flow or logs in with a given username and password.
If both user
and password
options are supplied these credentials will be
exchanged for tokens
. Otherwise, opens the default browser to the login URL and supplies tokens
when the login process has been completed in the browser.
Options:
user
Optional - usernamepassword
Optional - password
instance.refresh(tokens) => Promise => tokens
Accepts a tokens
object and fetches fresh tokens
.
instance.signout(tokens) => Promise
Invalidates the tokens
passed.
instance.reset(opts)
Will open a browser at a Keycloak password reset URL, which differs based on the signedIn
options.
Options:
signedIn
(boolean
), Default:false
- Iftrue
the browser will open to the logged-in accounts password page. Iffalse
it will open to reset credentials page.
instance.validate(tokens) => boolean
accounts.validate(tokens) => boolean
Checks whether tokens.refreshToken
has expired. If it has validate
returns true
, otherwise false
.
Engines
- Node 12.4+
- Node 14.0+
Development
Test:
npm test
Visual coverage report (run after test):
npm run cov
Lint:
npm run lint
Autoformat:
npm run lint -- --fix
Releasing
For mainline releases:
npm version <major|minor|patch>
git push --follow-tags
For prereleases:
npm version prerelease
git push --follow-tags
License
MIT