@futureverse/auth v4.4.0

Futureverse Auth

Provides an Open ID Connect Authentication library for FuturePass.

Installation

npm:

    npm install @futureverse/auth --save

yarn:

    yarn add @futureverse/auth

pnpm:

    pnpm add @futureverse/auth

bun:

    bun add @futureverse/auth

Register your client

First, you will need to register an OAuth2 client with the Pass Online Identity Provider using the Manage Clients Console:

• Production: https://login.pass.online/manageclients
• Development / Staging: https://login.passonline.cloud/manageclients

Usage

PKCE Auth Client Setup

Use the same client ID and redirect URI for the environment you configured your client in.

import { FutureverseAuthClient } from '@futureverse/auth';

const authClient = new FutureverseAuthClient({
  clientId: '<your-client-id>',
  environment: 'production',
  redirectUri: '<your-redirect-uri>',
  postLogoutRedirectUri: '<your-post-logout-redirect-uri>',
});

Sign in

For Web3 wallet authentication, a signer interface is required. The user needs to sign a message so the identity service can verify their identity.

Signer adapters are available from the Signer SDK.

For custodial authentication, set type as email, facebook, google, tiktok or x.

import { EthereumSigner } from '@futureverse/signer';
...
// Sign in custodial options with popup
const type = 'eoa' // 'eoa' is for web3 wallet sign in
const address = '<selected-web3-wallet-address>';
const signer: Signer = new EthereumSigner(...);

await authClient.signInPass({
    type, // eoa | email | facebook | google | tiktok | x
    address,
    state,
    signer,
    authFlow, //'popup' | 'redirect' | 'silent' 
    responseMode, //'query' | 'fragment' | 'form_post' | 'web_message'
});

Handle Redirect

Once the user has signed in, they will be redirected to the redirect URI that was set up in the client. This step is required for the user session to be updated and any open sign in popups to close automatically.

...
await authClient.verifyAndLoadUser();

Getting the user

This method can return the current user if signed in.

...
await authClient.getUser();

Sessions

The session object contains the user object as well as the FuturePass address and EOA address.

...
const session = authClient.userSession;
const futurepassAddress = session.futurepass;
const eoaAddress = session.eoa;
const user = session.user;

Sign out

...
await authClient.signOutPass({ 
    flow: 'redirect', // redirect | silent
    postRedirecturi: '<post_logout_redirect_uri>' // optional
    disableConsent: false // "true" by default
});