Security News
RubyGems Adds Cooldown Feature to Bundler for Newly Published Gems
RubyGems and Bundler 4.0.13 introduced an opt-in cooldown feature that delays newly published gems during dependency resolution.
By Sarah Gooding - Jun 05, 2026
Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@ttoss/auth
Advanced tools
@ttoss/auth
📚 About
This module handles auth in your applications and other ttoss modules.
This module is intended to use with AWS Cognito. It uses AWS Amplify under the hood.
Amplify Auth configuration must be provided in your App to make Auth Module works properly.
🚀 Getting Started
Install
$ yarn add @ttoss/auth and yarn add @ttoss/notifications
# or
$ npm install @ttoss/auth and npm install @ttoss/notifications
📄 Examples of use
Amplify config
import Amplify from 'aws-amplify';
Amplify.configure({
Auth: {
// REQUIRED only for Federated Authentication - Amazon Cognito Identity Pool ID
identityPoolId: 'XX-XXXX-X:XXXXXXXX-XXXX-1234-abcd-1234567890ab',
// REQUIRED - Amazon Cognito Region
region: 'XX-XXXX-X',
// OPTIONAL - Amazon Cognito Federated Identity Pool Region
// Required only if it's different from Amazon Cognito Region
identityPoolRegion: 'XX-XXXX-X',
// OPTIONAL - Amazon Cognito User Pool ID
userPoolId: 'XX-XXXX-X_abcd1234',
// OPTIONAL - Amazon Cognito Web Client ID (26-char alphanumeric string)
userPoolWebClientId: 'a1b2c3d4e5f6g7h8i9j0k1l2m3',
// OPTIONAL - Enforce user authentication prior to accessing AWS resources or not
mandatorySignIn: false,
// OPTIONAL - Configuration for cookie storage
// Note: if the secure flag is set to true, then the cookie transmission requires a secure protocol
cookieStorage: {
// REQUIRED - Cookie domain (only required if cookieStorage is provided)
domain: '.yourdomain.com',
// OPTIONAL - Cookie path
path: '/',
// OPTIONAL - Cookie expiration in days
expires: 365,
// OPTIONAL - See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
sameSite: 'strict' | 'lax',
// OPTIONAL - Cookie secure flag
// Either true or false, indicating if the cookie transmission requires a secure protocol (https).
secure: true,
},
// OPTIONAL - customized storage object
storage: MyStorage,
// OPTIONAL - Manually set the authentication flow type. Default is 'USER_SRP_AUTH'
authenticationFlowType: 'USER_PASSWORD_AUTH',
// OPTIONAL - Manually set key value pairs that can be passed to Cognito Lambda Triggers
clientMetadata: { myCustomKey: 'myCustomValue' },
// OPTIONAL - Hosted UI configuration
oauth: {
domain: 'your_cognito_domain',
scope: [
'phone',
'email',
'profile',
'openid',
'aws.cognito.signin.user.admin',
],
redirectSignIn: 'http://localhost:3000/',
redirectSignOut: 'http://localhost:3000/',
responseType: 'code', // or 'token', note that REFRESH token will only be generated when the responseType is code
},
},
});
PrivateRoute component
import { useAuth } from '@ttoss/auth';
const PrivateRoute = (props: any) => {
const { isAuthenticated } = useAuth();
if (!isAuthenticated) {
return <Navigate to="/login" state={{ redirectTo: props.path || '/' }} />;
}
return <Route {...props} />;
};
Login Page
import { Auth, useAuth } from '@ttoss/auth';
const Login = () => {
const auth = useAuth();
const onSuccess = () => {
// Navigate to logged-area
};
return (
<div>
<h1>Login Page</h1>
<Auth onSignIn={onSuccess} />
<button onClick={auth.signOut}>Logout</button>
</div>
);
};
export default Login;
Auth with Progressbar
import { AuthProvider } from '@ttoss/auth';
import { NotificationsProvider } from '@ttoss/notifications';
ReactDOM.render(
<React.StrictMode>
<NotificationsProvider>
<AuthProvider>
<App />
</AuthProvider>
</NotificationsProvider>
</React.StrictMode>,
document.getElementById('root')
);
Types
export type OnSignInInput = {
email: string;
password: string;
};
export type OnSignIn = (input: OnSignInInput) => void;
export type OnSignUpInput = {
email: string;
password: string;
};
export type OnSignUp = (input: OnSignUpInput) => void;
export type OnConfirmSignUp = (input: { email: string; code: string }) => void;
Keywords
FAQs
ttoss authentication module for React apps.
The npm package @ttoss/auth receives a total of 10 weekly downloads. As such, @ttoss/auth popularity was classified as not popular.
We found that @ttoss/auth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 24 May 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
pnpm 11.5 Adds Support for Recognizing npm Staged Publishes
pnpm 11.5 now recognizes npm staged publish approvals in release metadata, preventing those releases from being mistaken for lower-trust package publishes.
By Sarah Gooding - Jun 04, 2026
Security News
Federal Audit Finds NIST Wasted Funds With No Plan to Clear NVD Backlog
Federal audit finds NIST lacked a plan to clear the NVD backlog, wasted funds on duplicate work, and delayed use of CISA data.
By Sarah Gooding - Jun 03, 2026