npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@dfinity/auth-client

v2.2.0

Published

JavaScript and TypeScript library to provide a simple integration with an IC Internet Identity

Downloads

40,560

Readme

@dfinity/auth-client

0.10.5 Idle update - see changes here

Simple interface to get your web application authenticated with the Internet Identity Service

Visit the Dfinity Forum and SDK Documentation for more information and support building on the Internet Computer.

Additional API Documentation can be found here.


Installation

Using AuthClient:

npm i --save @dfinity/auth-client

In the browser:

import { AuthClient } from "@dfinity/auth-client";

To get started with auth client, run

const authClient = await AuthClient.create();

The authClient can log in with

authClient.login({
  // 7 days in nanoseconds
  maxTimeToLive: BigInt(7 * 24 * 60 * 60 * 1000 * 1000 * 1000),
  onSuccess: async () => {
    handleAuthenticated(authClient);
  },
});

It opens an identity.ic0.app window, saves your delegation to localStorage, and then sets you up with an identity.

Then, you can use that identity to make authenticated calls using the @dfinity/agent Actor.

const identity = await authClient.getIdentity();
const actor = Actor.createActor(idlFactory, {
  agent: new HttpAgent({
    identity,
  }),
  canisterId,
});

Storage and Key management

If you prefer not to use ECDSA keys or the default IndexedDb storage interface, you can provide your own. Some reasons to use a custom storage implementation might be

  • You prefer to use LocalStorage
  • You don't want to persist keys across page loads for heightened security
  • You have an alternate strategy for identity management

There is an exported LocalStorage interface, but any structure that implements the AuthClientStorage interface will work.

export type StoredKey = string | CryptoKeyPair;
export interface AuthClientStorage {
  get(key: string): Promise<StoredKey | null>;

  set(key: string, value: StoredKey): Promise<void>;

  remove(key: string): Promise<void>;
}

So you could easily implement your own

const noStorageImpl = {
  get(key: string) {
    return Promise.resolve(null);
  },
  set(key: string, value: StoredKey) {
    return Promise.resolve();
  },
  remove(key: string) {
    return Promise.resolve();
  },
};
const authClient = await AuthClient.create({
  storage: noStorageImpl,
});

If you are using a custom storage implementation like LocalStorage that only supports strings, you should use the keyType option to use an Ed25519 key instead of the default ECDSA key.

const authClient = await AuthClient.create({
  storage: new LocalStorage(),
  keyType: 'Ed25519',
});

The AuthClient provides two forms of security for session management. The first is built into the Internet Identity delegation - the maxTimeToLive option in nanoseconds determines how long the DelegationIdentity you get back will be valid for. The second is the Idle Manager, which moniters keyboard, mouse and touchscreen identity. The Idle Manager will automatically log you out if you don't interact with the browser for a period of time.

If you pass no options to the IdleManager, it will log you out after 10 minutes of inactivity by removing the DelegationIdentity from localStorage and then calling window.location.reload().

If you pass an onIdle option, it will call that function when the user is idle, replacing the default window.location.reload() behavior. You can also register callbacks after the idleManager is created with the idleManager.registerCallback() method, which will also replace the default callback.

The full set of options for the IdleManager is:

  /**
   * Callback after the user has gone idle
   */
  onIdle?: IdleCB;
  /**
   * timeout in ms
   * @default 30 minutes [600_000]
   */
  idleTimeout?: number;
  /**
   * capture scroll events
   * @default false
   */
  captureScroll?: boolean;
  /**
   * scroll debounce time in ms
   * @default 100
   */
  scrollDebounce?: number;

Additionally, the AuthClient accepts a couple additional flags to idleOptions to control the IdleManager:

  /**
   * Disables idle functionality for {@link IdleManager}
   * @default false
   */
  disableIdle?: boolean;

  /**
   * Disables default idle behavior - call logout & reload window
   * @default false
   */
  disableDefaultIdleCallback?: boolean;

IdleManager Example Usage

const authClient = await AuthClient.create({
  idleOptions: {
    idleTimeout: 1000 * 60 * 30, // set to 30 minutes
    disableDefaultIdleCallback: true // disable the default reload behavior
  }
});
// ...authClient.login()
const identity = await authClient.getIdentity();
const actor = Actor.createActor(idlFactory, {
  agent: new HttpAgent({
    identity,
  }),
  canisterId,
});

refreshLogin() {
  // prompt the user then refresh their authentication
  authClient.login({
    onSuccess: async () => {
      const newIdentity = await AuthClient.getIdentity();
      Actor.getAgent(actor).replaceIdentity(newIdentity);
    }
  });
}

authClient.idleManager?.registerCallback?.(refreshLogin);

In this code, we create an authClient with an idle timeout of 30 minutes. When the user is idle, we invalidate their identity and prompt them to login again.

After the user logs in, we can set the new identity in the actor without reloading the page.

Note: depends on @dfinity/agent and @dfinity/identity.