svelte-session-manager
Session store for svelte (currently only for JWT)
usage
import { derived } from 'svelte';
import { Session, login } from 'svelte-session-manager';
let session = new Session(localStorage);
if(!session.isValid) {
await login(session, 'https://mydomain.com/authenticate', 'a user', 'a secret');
}
session.isValid;
export const values = derived(
session,
($session, set) => {
if (!session.isValid) {
set([]);
} else {
fetch('https://mydomain.com/values', {
headers: {
...session.authorizationHeader
}
}).then(async data => set(await data.json()));
}
return () => {};
}
,[]);
run tests
export BROWSER=safari|chrome|...
npm|yarn test
The test runs the following requests against the server
curl -X POST -d '{"username":"user","password":"secret"}' 'http://[::]:5000/api/login'
{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbnRpdGxlbWVudHMiOiJhLGIsYyIsImlhdCI6MTYwNDY2NDI0NywiZXhwIjoxNjA0NjY0MjYyfQ.qyjeoCuXO0iyYwSxM2sM02_BVhaZobRmEWam1M8Hzkx51nbsAuTR8G1rNgz1COo_KvbCU7LwZt7qnSEFB1tcwyDA1eBxwc2Wb7JxWgQ50m1IWkr2JCgY1seWRJRcwZBXiTRtiPqhzofP-l3S-CBluzU48cd4yzoPayczLkKuPK4"}
curl -X POST -d '{"username":"user","password":"wrong"}' 'http://[::]:5000/api/login'
{"message":"Unauthorized"}
Live Example
live example
API
Table of Contents
login
Bring session into the valid state by calling the authorization endpoint
and asking for a access_token.
Executes a POST on the endpoint url expecting username, and password as json
Parameters
session
Session to be openedendpoint
string authorization urlusername
string id of the userpassword
string user credentialstokenmap
Object token names in response to internal known values (optional, default defaultTokenMap
)
Returns Promise<string> error message in case of failure or undefined on success
handleFailedResponse
Extract error description from response.
Parameters
Returns Promise<string>
SessionData
Data as preserved in the backing store.
Type: Object
Properties
msecsRequiredForRefresh
Time required to execute a refresh
Type: number
Session
User session.
To create as session backed by browser local storage.
let session = new Session(localStorage);
or by browser session storage
let session = new Session(sessionStorage);
Parameters
Properties
entitlements
Set<string> subscriptions
Set<Object> store subscriptionsexpirationDate
Date when the access token expiresaccess_token
string token itselfrefresh_token
string refresh token
update
Consume auth response data and reflect internal state.
Parameters
refresh
Refresh with refresh_token.
Returns Promise<boolean> true if refresh was succcessfull false otherwise
Http header suitable for fetch.
Returns Object header The http header.
Returns string header.Authorization The Bearer access token.
isValid
As long as the expirationTimer is running we must be valid.
Returns boolean true if session is valid (not expired)
invalidate
Remove all tokens from the session and the backing store.
hasEntitlement
Check presence of an entitlement.
Parameters
name
string of the entitlement
Returns boolean true if the named entitlement is present
subscribe
Fired when the session changes.
Parameters
decode
Extract and decode the payload.
Parameters
Returns Object payload object
install
With npm do:
npm install svelte-session-manager
license
BSD-2-Clause