Options
All
  • Public
  • Public/Protected
  • All
Menu

Auth SDK Reference Guide

Arcana Auth-Core SDK


Arcana Auth-Core SDK

Auth-Core SDK

Auth-Core SDK enables basic functionality for onboarding users to Web3 apps via social login. It uses the Arcana Keystore APIs to interact with the distributed key generation subsystem in the Arcana Network.

The Arcana Auth product is built using the Auth-Core SDK and the Arcana wallet UI. It ensures that only authenticated users have access to the private keys for signing blockchain transactions. With Arcana Auth, the app developers cannot access the user's private keys.

Web3 apps that choose to integrate directly with the Auth-Core SDK instead of using Arcana Auth must implement some of the functionality related to handling user authentication via social login. In addition, developers must ensure the security and privacy of the user's keys. See the Usage section below for details.

Note that the 'Global Keys' and enhanced wallet security 'MFA' features available via Arcana Auth are not available through the Auth-Core SDK.

Installation

npm

npm install --save @arcana/auth-core

yarn

yarn add @arcana/auth-core

CDN

<script src="https://cdn.jsdelivr.net/npm/@arcana/auth-core"></script>
<script src="https://unpkg.com/@arcana/auth-core"></script>

Usage

Import

const { AuthProvider, SocialLoginType, CURVE } = window.arcana.auth_core;
// or
import { AuthProvider, CURVE } from '@arcana/auth-core';

Initialize AuthProvider

const auth = new AuthProvider({
curve: CURVE.ED25519, // defaults to CURVE.SECP256K1
appId: `${appId}`,
redirectUri: ''
});

Initiate Social Login

await auth.loginWithSocial(SocialLoginType.google);

Initiate Passwordless Login

const result = await auth.loginWithPasswordlessStart({
email: 'abc@example.com'
});

On Redirect page

await auth.handleRedirect();

Get Login Status

const loggedIn = auth.isLoggedIn(); /* boolean response */

Get User Info

After successful login, the user information is saved in memory. Before the page unload event, the user information gets stored in session-storage. After a successful page reload, it is fetched again to memory and removed from the session-storage.

const userInfo = auth.getUserInfo();
/*
UserInfo: {
loginType: 'google',
userInfo: {
id: 'abc@example.com',
name: 'ABC DEF',
email: '',
picture: ''
},
privateKey: ''
}
*/

For userInfo type details, see Exported Types.

Get Public Key

const publicKey = await auth.getPublicKey({
verifier: SocialLoginType.google,
id: `abc@example.com`,
});

For details regarding SocialLoginType, see Exported Enums.

Clear Login Session

await auth.logout();

TypeScript Usage

Exported Enums


enum SocialLoginType {
google = 'google',
discord = 'discord',
twitch = 'twitch',
github = 'github',
twitter = 'twitter',
passwordless = 'passwordless',
}

Exported Types


interface KeystoreInput {
id: string;
verifier: LoginType;
}

interface InitParams {
/**
* appId: arcana app id without network hint,
* example: for clientId `xar_dev_xyz` - `xyz` is the appId.
*/
appId: string;
network?: 'dev' | 'testnet'| 'mainnet'; /* defaults to testnet */
/**
* autoRedirect: is redirected via SDK internally,
* instead of `loginWithSocial` output being `{ url }`.
*/
autoRedirect: boolean /* defaults to true */
/**
* shouldVerifyState: by default state is compared internally,
* the state is stored to local storage on login init.
* Set to false if you want to compare it yourself.
*/
shouldVerifyState: boolean /* defaults to true */
/**
* revokeTokenPostLogin: Some tokens need to be revoked to get new tokens
* on subsequent login or to prevent misuse, SDK does this internally. If
* set to `false` there is a cleanup function that is outputted from
* `auth.handleRedirect()` which should be called after token is used
* for secondary purpose.
*/
revokeTokenPostLogin: boolean /* defaults to true */
debug?: boolean; /* defaults to false */
}

interface GetInfoOutput {
loginType: SocialLoginType;
userInfo: UserInfo {
id: string;
email?: string;
name?: string;
picture?: string;
};
privateKey: string;
}

Flow Modes

Redirect

login.js

window.onload = async () => {
const auth = new AuthProvider({
appId: `${appId}`,
redirectUri:'path/to/redirect'
});

googleLoginBtn.addEventListener('click', async () => {
await auth.loginWithSocial(SocialLoginType.google);
});
}

redirect.js

window.onload = async () => {
const auth = new AuthProvider({
appId: `${appId}`,
redirectUri:'path/to/redirect'
});

await auth.handleRedirect();

if(auth.isLoggedIn()) {
const info = auth.getUserInfo();
}
}

Variables

  • origin - Base URL of the app.

💡 Support

For any support or integration-related queries, contact the Arcana support team.

ℹ️ License

Arcana Auth Core SDK is distributed under the MIT License. For details see Arcana License.

Generated using TypeDoc, the 2/12/2024 at 7:15:57 PM