{"id":22740175,"url":"https://github.com/a-type/auth","last_synced_at":"2026-01-28T03:29:38.166Z","repository":{"id":215710416,"uuid":"739571414","full_name":"a-type/auth","owner":"a-type","description":"My personal library for API authentication","archived":false,"fork":false,"pushed_at":"2025-03-26T20:17:58.000Z","size":98012,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-26T21:22:55.312Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/a-type.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-05T22:29:07.000Z","updated_at":"2025-03-26T20:17:16.000Z","dependencies_parsed_at":null,"dependency_job_id":"c7ea2535-27b4-4096-869d-0998afe5d7c4","html_url":"https://github.com/a-type/auth","commit_stats":null,"previous_names":["a-type/auth"],"tags_count":95,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a-type%2Fauth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a-type%2Fauth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a-type%2Fauth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a-type%2Fauth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/a-type","download_url":"https://codeload.github.com/a-type/auth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246273519,"owners_count":20750904,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-10T23:07:48.972Z","updated_at":"2026-01-28T03:29:33.147Z","avatar_url":"https://github.com/a-type.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# auth\n\nMy personal library for API authentication.\n\nDesigned to plug into Hono and similar servers.\n\nMade for me since I keep making new projects that need auth. It's so particular and poorly documented you probably won't find it useful, but it's just easier to make this stuff open source.\n\n## Users\n\nThis library has some opinions about what a user is.\n\nA user has:\n\n- id\n- email\n- fullName (a formal name, provided by OAuth provider or the user themselves)\n- friendlyName (an informal, changeable name shown to other people)\n\n## Login flows\n\nThis library powers OAuth-based login flows with specified providers.\n\nIt also enables an email login flow with email+password, including email verification and password resets.\n\n### Email flow\n\nThe email flow is fairly opinionated.\n\nFirst, submit a request handled by `handlers.handleSendEmailVerificationRequest` to verify the user owns the email. They must provide email and name (fullName).\n\nThis creates an email verification token in the database and sends them an email with a code.\n\nThe user then clicks the link in the email to return to the app with the code. Upon presenting the code, they must then choose a password. The code and password are sent back to the server to the `handlers.handleVerifyEmailRequest` handler. This creates the user's account and identity on the server and sets up email login.\n\nPassword reset works fairly similarly - send a request to send the password reset email, get the code, return and set a new password.\n\n## Client\n\n`@a-type/auth-ui` includes tools for React-based clients to integrate quickly with a backend powered by `@a-type/auth`. It requires my personal UI library as a peer dep (`@a-type/ui`). YMMV on whether this is helpful, but you can also just read the source and re-implement to your liking.\n\n`@a-type/auth-fetch` is a `fetch` wrapper which automatically refreshes the session and retries the request upon a session expiration.\n\nBy default it expects a session expiration response to be a 401 with a header `x-auth-error: session-expired`. It's up to your server integration to provide this with the way it handles and responds after a `Session expired` AuthError. You can do this relatively easily by just returning `AuthError.toResponse()`. Or you can override the logic for deciding session expiration with the fetch params.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fa-type%2Fauth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fa-type%2Fauth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fa-type%2Fauth/lists"}