0.6.4 • Published 9 months ago

@oxide/remix-auth-turnstile v0.6.4

Weekly downloads
-
License
MPL-2.0
Repository
github
Last release
9 months ago

@oxide/remix-auth-turnstile

Under development library for integrating turnstile authentication with Remix.

Installation

npm install --save @oxide/remix-auth-turnstile

Usage - Magic Link

auth.use(
  new TurnstileMagicLinkStrategy(
    {
      // REQUIRED

      // Full url to the turnstile API
      host: TURNSTILE_HOST,
      // Magic link client secret
      clientSecret: MAGIC_LINK_SECRET,
      // Path or url that the user should land on when clicking the magic link. This url must be
      // registered as a valid redirect uri with the magic link client.
      callbackPath: '/magic',
      // Custom identifier when using mutliple Magic Link flows against a single server.
      channel: 'login',
      // Time in seconds that the magic link should be valid for.
      linkExpirationTime: 60 * 10,
      
      // OPTIONAL

      // Session key to store a success indicator in
      successMessageKey,

      // The scopes to include for the requested access token
      // @default ['user:info:r']
      scope: [
        'user:info:r',
        'applicant:r',
        'applicant:w',
        'application:r',
        'application:w',
        'department:r',
        'role:r',
        'listing:r',
      ],
    },
    async (params) => {
      const {
        // The email that the user initiated the magic link flow via.
        email,
        // The user identifying info that was retrieved from the server during authentication.
        user,
        // The access token for the user.
        token
      } = params;

      return {
        id: user.info.id,
        email,
        token
      }
    },
  ),
)

Usage - OAuth

auth.use(
  new TurnstileOAuthStrategy(
    {
      // REQUIRED

      host: TURNSTILE_HOST,
      clientID: OAUTH_CLIENT_ID,
      clientSecret: OAUTH_CLIENT_SECRET,
      // Full callback url that has been registered as a valid redirect uri with the oauth client
      callbackURL: OAUTH_CLIENT_URL,
      // The remote provider to use as the backing authentication
      remoteProvider: 'google',

      // OPTIONAL

      // The scopes to include for the requested access token
      // @default ['user:info:r']
      scope: [
        'user:info:r',
        'applicant:r',
        'applicant:w',
        'application:r',
        'application:w',
        'department:r',
        'role:r',
        'listing:r',
      ],
    },
    async ({ accessToken, profile }) => {
      return {
        id: profile._raw.info.id,
        email: profile.emails?.[0].value || '',
        token: accessToken,
      }
    },
  ),
)
0.6.4

9 months ago

0.6.3

9 months ago

0.6.2

9 months ago

0.6.1

10 months ago

0.6.0

10 months ago

0.5.0

10 months ago

0.4.1

10 months ago

0.4.0

10 months ago

0.3.0

10 months ago

0.2.0

10 months ago

0.1.0

10 months ago