apollo-accounts-password-client

    0.3.0-beta.26 • Public • Published

    Apollo Accounts Password—Client npm version

    Client side of Apollo Accounts Password, a full-stack JS accounts system for Apollo and MongoDB.

    Usage

    npm install apollo-accounts-password-client

    import ApolloAccounts from 'apollo-accounts-password-client'
    import ApolloClient from 'apollo-boost'
     
    const apolloClient = new ApolloClient({
      uri: 'http://localhost:4000/graphql'
    })
     
    const Accounts = new ApolloAccounts(apolloClient)
     
    Accounts.login({
      user: {
        email: 'bar@example.com'
      },
      password: 'foo'
    })

    (You'll also need to set up a server at localhost:4000/graphql that uses apollo-accounts-password-server.)

    Demo

    See flyblackbird/apollo-accounts

    API

    Below we list all the methods of ApolloAccounts. Most methods return a promise that resolves when the response is received from the server. If you need other methods that are supported by accounts-js, you can access them through:

    Constructor

    new ApolloAccounts(apolloClientInstance,accountsClientOptions)

    Usually accountsClientOptions is left out, unless you're in React Native:

    import { AsyncStorage } from 'react-native'
     
    const Accounts = new ApolloAccounts(apolloClient, {
      tokenStorage: AsyncStorage
    })

    createUser

    createUser({ email, password })
    createUser({ username, password })
    

    Argument may contain a profile property object with arbitrary data.

    createUser() does not automatically log the user in.

    login

    login(loginInfo)

    • loginInfo:
      • user an object of the form { email: 'a@b.c' } or { username: 'loren' }
      • password
      • code if you're using 2fa
    Accounts.login({ password: 'foo', user: { email: 'bar@example.com' } })

    refreshSession

    const { accessToken, refreshToken } = Accounts.refreshSession()

    Gets the login tokens from LocalStorage, or if the accessToken is expired, refreshes it (i.e. gets a new accessToken from the server using the refreshToken).

    If it returns null, either:

    • The refreshToken is expired, and the user must login again.
    • There are no tokens, either because no one has logged in from this client, or they've cleared their LocalStorage.

    If you'd like to be able to determine who last logged in to a particular client on page load, you can, during a previous session, save whatever part of the user data (from getUser()) you want in LocalStorage.

    logout

    logout()

    Tells the server to invalidate the tokens and clears them from memory on the client.

    getUser

    const user = Accounts.getUser()

    Fetches the currently logged-in user record.

    sendVerificationEmail

    sendVerificationEmail(emailAddress)

    Sends an email which contains a link to this app with a secret token in the URL.

    verifyEmail

    verifyEmail(token)

    • token: retrieved from the URL (the link clicked in the verification email)

    requestPasswordReset

    requestPasswordReset(emailAddress)

    Sends an email which contains a link to this app with a secret token in the URL.

    resetPassword

    resetPassword(token, newPassword)

    • token: retrieved from the URL (the link clicked in the reset password email)

    changePassword

    changePassword(old, new)

    getTwoFactorSecret

    const secret = Accounts.getTwoFactorSecret()

    • secret:
      • base32: backup code for user to write down if they'd like
      • otpauth_url: a QR code to be displayed, for instance with qrcode.react: <QRCode value={secret.otpauth_url} />

    Example usage

    twoFactorSet

    twoFactorSet(secret, oneTimeCode)

    • secret obtained from getTwoFactorSecret
    • oneTimeCode entered by the user after they use an app like Authy to scan the QR code.

    impersonate

    impersonate(user)

    • user: { userId } or { username } or { email }

    If the current user has the correct authorization (see options.impersonationAuthorize), this fetches and saves the target user's tokens.

    stopImpersonation

    stopImpersonation()

    Deletes the impersonated user's tokens and restores the original user's tokens.

    Eject

    This package is like Apollo Boost—if at some point you need more configuration options than this package exposes, you can eject by directly installing the below accounts-js packages and configuring them yourself:

    npm install @accounts/client @accounts/client-password @accounts/graphql-client

    import ApolloClient from 'apollo-boost'
     
    const apolloClient = new ApolloClient({ ... })
    const accountsGraphQL = new GraphQLClient({ graphQLClient: apolloClient })
    const accountsClient = new AccountsClient(
      accountsClientOptions,
      accountsGraphQL
    )
    const accountsPassword = new AccountsClientPassword(accountsClient)

    Credits

    Keywords

    none

    Install

    npm i apollo-accounts-password-client

    DownloadsWeekly Downloads

    1

    Version

    0.3.0-beta.26

    License

    MIT

    Unpacked Size

    11.9 kB

    Total Files

    6

    Last publish

    Collaborators

    • lorensr