https://github.com/arlac77/svelte-session-manager

Session store for svelte (currently only for JWT)
https://github.com/arlac77/svelte-session-manager
Last synced: 2 months ago
JSON representation
Session store for svelte (currently only for JWT)
Host: GitHub
URL: https://github.com/arlac77/svelte-session-manager
Owner: arlac77
License: 0bsd
Created: 2019-08-09T10:03:44.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2025-04-09T19:11:39.000Z (3 months ago)
Last Synced: 2025-04-09T19:45:38.582Z (3 months ago)
Language: JavaScript
Homepage:
Size: 14.6 MB
Stars: 105
Watchers: 2
Forks: 7
Open Issues: 9
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project

README

        [![Svelte v5](https://img.shields.io/badge/svelte-v5-orange.svg)](https://svelte.dev)

[![npm](https://img.shields.io/npm/v/svelte-session-manager.svg)](https://www.npmjs.com/package/svelte-session-manager)

[![License](https://img.shields.io/badge/License-0BSD-blue.svg)](https://spdx.org/licenses/0BSD.html)

[![bundlejs](https://deno.bundlejs.com/?q=svelte-session-manager\&badge=detailed)](https://bundlejs.com/?q=svelte-session-manager)

[![downloads](http://img.shields.io/npm/dm/svelte-session-manager.svg?style=flat-square)](https://npmjs.org/package/svelte-session-manager)

[![GitHub Issues](https://img.shields.io/github/issues/arlac77/svelte-session-manager.svg?style=flat-square)](https://github.com/arlac77/svelte-session-manager/issues)

[![Build Status](https://img.shields.io/endpoint.svg?url=https%3A%2F%2Factions-badge.atrox.dev%2Farlac77%2Fsvelte-session-manager%2Fbadge\&style=flat)](https://actions-badge.atrox.dev/arlac77/svelte-session-manager/goto)

[![Styled with prettier](https://img.shields.io/badge/styled_with-prettier-ff69b4.svg)](https://github.com/prettier/prettier)

[![Commitizen friendly](https://img.shields.io/badge/commitizen-friendly-brightgreen.svg)](http://commitizen.github.io/cz-cli/)

[![Known Vulnerabilities](https://snyk.io/test/github/arlac77/svelte-session-manager/badge.svg)](https://snyk.io/test/github/arlac77/svelte-session-manager)

[![Coverage Status](https://coveralls.io/repos/arlac77/svelte-session-manager/badge.svg)](https://coveralls.io/github/arlac77/svelte-session-manager)

[![Tested with TestCafe](https://img.shields.io/badge/tested%20with-TestCafe-2fa4cf.svg)](https://github.com/DevExpress/testcafe)

# svelte-session-manager

Session store for svelte (currently only for JWT)

# usage

```js

import { derived } from 'svelte';

import { Session, login } from 'svelte-session-manager';

// use localStorage as backing store

let session = new Session(localStorage);

// session may still be valid

if(!session.isValid) {

  await login(session, 'https://mydomain.com/authenticate', 'a user', 'a secret');

}

session.isValid; // true when auth was ok or localStorage token is still valid

export const values = derived(

  session,

  ($session, set) => {

    if (!session.isValid) {

      set([]); // session has expired no more data

    } else {

      fetch('https://mydomain.com/values', {

        headers: {

          ...session.authorizationHeader

        }

      }).then(async data => set(await data.json()));

    }

    return () => {};

  }

,[]);

// $values contains fetch result as long as session has not expired

```

## run tests

```sh

export BROWSER=safari|chrome|...

npm|yarn test

```

The test runs the following requests against the server

*   successful auth

```sh

curl -X POST -d '{"username":"user","password":"secret"}' 'http://[::]:5000/api/login'

```

    {"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbnRpdGxlbWVudHMiOiJhLGIsYyIsImlhdCI6MTYwNDY2NDI0NywiZXhwIjoxNjA0NjY0MjYyfQ.qyjeoCuXO0iyYwSxM2sM02_BVhaZobRmEWam1M8Hzkx51nbsAuTR8G1rNgz1COo_KvbCU7LwZt7qnSEFB1tcwyDA1eBxwc2Wb7JxWgQ50m1IWkr2JCgY1seWRJRcwZBXiTRtiPqhzofP-l3S-CBluzU48cd4yzoPayczLkKuPK4"}

*   invalid credentials

```sh

curl -X POST -d '{"username":"user","password":"wrong"}' 'http://[::]:5000/api/login'

```

    {"message":"Unauthorized"}

## Live Example

[live example](https://svelte-session-manager.pages.dev/)

# API

### Table of Contents

*   [login](#login)

    *   [Parameters](#parameters)

*   [handleFailedResponse](#handlefailedresponse)

    *   [Parameters](#parameters-1)

*   [SessionData](#sessiondata)

    *   [Properties](#properties)

*   [msecsRequiredForRefresh](#msecsrequiredforrefresh)

*   [supportedTokenTypes](#supportedtokentypes)

*   [Session](#session)

    *   [Parameters](#parameters-2)

    *   [Properties](#properties-1)

    *   [update](#update)

        *   [Parameters](#parameters-3)

    *   [refresh](#refresh)

    *   [authorizationHeader](#authorizationheader)

    *   [isValid](#isvalid)

    *   [invalidate](#invalidate)

    *   [hasEntitlement](#hasentitlement)

        *   [Parameters](#parameters-4)

    *   [subscribe](#subscribe)

        *   [Parameters](#parameters-5)

*   [decode](#decode)

    *   [Parameters](#parameters-6)

## login

Bring session into the valid state by calling the authorization endpoint

and asking for a access\_token.

Executes a POST on the endpoint url expecting username, and password as json

### Parameters

*   `session` **[Session](#session)** to be opened

*   `endpoint` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** authorization url

*   `username` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** id of the user

*   `password` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** user credentials

*   `tokenmap` **[Object](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object)** token names in response to internal known values (optional, default `defaultTokenMap`)

Returns **[Promise](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Promise)<([string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String) | [undefined](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/undefined))>** error message in case of failure or undefined on success

## handleFailedResponse

Extract error description from response.

### Parameters

*   `response` **[Response](https://developer.mozilla.org/docs/Web/Guide/HTML/HTML5)** 

Returns **[Promise](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Promise)<[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)>** 

## SessionData

Data as preserved in the backing store.

Type: [Object](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object)

### Properties

*   `username` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** user name (id)

*   `access_token` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** JWT token

*   `refresh_token` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** JWT token

## msecsRequiredForRefresh

Time required to execute a refresh

Type: [number](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Number)

## supportedTokenTypes

## Session

User session.

To create as session backed by browser local storage.

```js

let session = new Session(localStorage);

```

or by browser session storage

```js

let session = new Session(sessionStorage);

```

### Parameters

*   `store` **[SessionData](#sessiondata)**  (optional, default `localStorage`)

### Properties

*   `entitlements` **[Set](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Set)<[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)>** 

*   `subscriptions` **[Set](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Set)<[Object](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object)>** store subscriptions

*   `expirationDate` **[Date](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Date)** when the access token expires

*   `access_token` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** token itself

*   `refresh_token` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** refresh token

### update

Consume auth response data and reflect internal state.

#### Parameters

*   `data` **[Object](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object)** 

### refresh

Refresh with refresh\_token.

Returns **[Promise](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Promise)<[boolean](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Boolean)>** true if refresh was succcessfull false otherwise

### authorizationHeader

Http header suitable for fetch.

Returns **[Object](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object)** header The http header.

Returns **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** header.Authorization The Bearer access token.

### isValid

As long as the expirationTimer is running we must be valid.

Returns **[boolean](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Boolean)** true if session is valid (not expired)

### invalidate

Remove all tokens from the session and the backing store.

### hasEntitlement

Check presence of an entitlement.

#### Parameters

*   `name` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** of the entitlement

Returns **[boolean](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Boolean)** true if the named entitlement is present

### subscribe

Fired when the session changes.

#### Parameters

*   `subscription` **[Function](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Statements/function)** 

## decode

Extract and decode the payload.

### Parameters

*   `token` **[string](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/String)** 

Returns **[Object](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object)** payload object

# install

With [npm](http://npmjs.org) do:

```shell

npm install svelte-session-manager

```

# license

BSD-2-Clause
ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/arlac77/svelte-session-manager

Awesome Lists containing this project

README
