@denz93/vendure-plugin-simple-auth
v1.3.1
Published
Allow customers login using email and verification code (One time login)
Downloads
96
Maintainers
Readme
Simple Auth Plugin for Vendure.io
A Vendure plugin allow users log in using email and verification code
Use Case
A lot of times we want visitors (aka customers) to complete their purchase order as quick as possilble. However, they usually hesitate to create a credential to a random online shop at checkout step. So we provide a way to quickly authenticate those visitors by their email and a verification code that is sent to their email.
What it does
- Expose a GraphQL Query "
requestOneTimeCode
". - Add an authentication strategy to GraphQL mutation "
authenticate
".
How to use
1. Install
yarn add @denz93/vendure-plugin-simple-auth
or
npm i --save @denz93/vendure-plugin-simple-auth
2. Add the plugin to vendure-config.ts file
import { SimpleAuthPlugin } from "@denz93/vendure-plugin-simple-auth";
...
export const config: VendureConfig = {
...
plugins: [
...
SimpleAuthPlugin.init(options) //see Options
]
}
3. Options for SimpleAuthPlugin.init
attempts:
number
Plugin will invalidate the verification code after user's
attempts
.
default: 5ttl:
number
Time to live
How long the verification code is valid for.
default: 600 (seconds)length:
number
How many digits/alphabets the verification code should be.
default: 6includeAlphabet:
boolean
Should allow alphabet characters.
default: false (akadigits only
)isDev:
boolean
If true, the verification will return along with the response of query.
requestOneTimeCode
.
It's for debug and testing.
default: falsecacheModuleOption:
CacheModuleOption
By default, the plugin use
"memory"
for caching which is underlying using NestJs CacheModule.
To change cache store toRedis
,MongoDB
, etc, please see NestJs CacheModule docs here.
You also want to see here fromcache-manager
which is underlying used by NestJs.
Note: should use cache-manager 4.x if using Vendure under 2.x
default: {}checkCrossStrategies:
boolean
Strictly enforce unique email among all strategies
For example:
- One day, user "John" sign in using Google authentication with "[email protected]".
- Another day, user "John" sign in using One-time passcode authenication (this plugin) with the same email.
- This plugin will throw an error if the flag is enabled.
default: false.
Note: This only works if Google authentication plugin using email as an identifier
4. Add EmailHandler
to EmailPlugin
** Note: Since v1.3.0
you don't need to config this step anymore. The plugin will automatically append the handler
to Email Plugin
// vendure-config.ts
import { oneTimeCodeRequestedEventHandler } from '@denz93/vendure-plugin-simple-auth';
...
export const config: VendureConfig = {
...
plugins: [
...
EmailPlugin.init({
...
handlers: [...defaultEmailHandler, oneTimeCodeRequestedEventHandler]
})
]
}
Future Updates
- [x] Prevent cross authenticate (Ex: users use same email for GoogleAuth and SimpleAuth)