@ttoss/auth
Advanced tools
This module handles auth in your applications and other ttoss modules.
This module is intended to use with AWS Cognito. It uses AWS Amplify under the hood.
Amplify Auth configuration must be provided in your App to make Auth Module works properly.
$ yarn add @ttoss/auth and yarn add @ttoss/notifications
# or
$ npm install @ttoss/auth and npm install @ttoss/notifications
import Amplify from 'aws-amplify';
Amplify.configure({
Auth: {
// REQUIRED only for Federated Authentication - Amazon Cognito Identity Pool ID
identityPoolId: 'XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd-1234567890ab',
// REQUIRED - Amazon Cognito Region
region: 'XX-XXXX-X',
// OPTIONAL - Amazon Cognito Federated Identity Pool Region
// Required only if it's different from Amazon Cognito Region
identityPoolRegion: 'XX-XXXX-X',
// OPTIONAL - Amazon Cognito User Pool ID
userPoolId: 'XX-XXXX-X_abcd1234',
// OPTIONAL - Amazon Cognito Web Client ID (26-char alphanumeric string)
userPoolWebClientId: 'a1b2c3d4e5f6g7h8i9j0k1l2m3',
// OPTIONAL - Enforce user authentication prior to accessing AWS resources or not
mandatorySignIn: false,
// OPTIONAL - Configuration for cookie storage
// Note: if the secure flag is set to true, then the cookie transmission requires a secure protocol
cookieStorage: {
// REQUIRED - Cookie domain (only required if cookieStorage is provided)
domain: '.yourdomain.com',
// OPTIONAL - Cookie path
path: '/',
// OPTIONAL - Cookie expiration in days
expires: 365,
// OPTIONAL - See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
sameSite: 'strict' | 'lax',
// OPTIONAL - Cookie secure flag
// Either true or false, indicating if the cookie transmission requires a secure protocol (https).
secure: true,
},
// OPTIONAL - customized storage object
storage: MyStorage,
// OPTIONAL - Manually set the authentication flow type. Default is 'USER_SRP_AUTH'
authenticationFlowType: 'USER_PASSWORD_AUTH',
// OPTIONAL - Manually set key value pairs that can be passed to Cognito Lambda Triggers
clientMetadata: { myCustomKey: 'myCustomValue' },
// OPTIONAL - Hosted UI configuration
oauth: {
domain: 'your_cognito_domain',
scope: [
'phone',
'email',
'profile',
'openid',
'aws.cognito.signin.user.admin',
],
redirectSignIn: 'http://localhost:3000/',
redirectSignOut: 'http://localhost:3000/',
responseType: 'code', // or 'token', note that REFRESH token will only be generated when the responseType is code
},
},
});
import { useAuth } from '@ttoss/auth';
const PrivateRoute = (props: any) => {
const { isAuthenticated } = useAuth();
if (!isAuthenticated) {
return <Navigate to="/login" state={{ redirectTo: props.path || '/' }} />;
}
return <Route {...props} />;
};
import { Auth, useAuth } from '@ttoss/auth';
const Login = () => {
const auth = useAuth();
const onSuccess = () => {
// Navigate to logged-area
};
return (
<div>
<h1>Login Page</h1>
<Auth onSignIn={onSuccess} />
<button onClick={auth.signOut}>Logout</button>
</div>
);
};
export default Login;
import { AuthProvider } from '@ttoss/auth';
import { NotificationsProvider } from '@ttoss/notifications';
ReactDOM.render(
<React.StrictMode>
<NotificationsProvider>
<AuthProvider>
<App />
</AuthProvider>
</NotificationsProvider>
</React.StrictMode>,
document.getElementById('root')
);
export type OnSignInInput = {
email: string;
password: string;
};
export type OnSignIn = (input: OnSignInInput) => void;
export type OnSignUpInput = {
email: string;
password: string;
};
export type OnSignUp = (input: OnSignUpInput) => void;
export type OnConfirmSignUp = (input: { email: string; code: string }) => void;
FAQs
ttoss authentication module for React apps.
The npm package @ttoss/auth receives a total of 0 weekly downloads. As such, @ttoss/auth popularity was classified as not popular.
We found that @ttoss/auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
The North Korean malware loader hides in a Packagist-listed package and its GitHub branch to fetch and execute remote code in a likely Contagious Interview-style lure.
Security News
The Rust project is moving toward formal rules on LLM use in contributions after months of internal debate over maintainer burden, code quality, and contributor experience.
Research
/Security News
A malicious NuGet package impersonating Sicoob exfiltrated client IDs, PFX passwords, and banking certificates through Sentry telemetry.