# Core Authentication Module

This module contains methods such as registering and logging in, resetting the mobile phone number, email, and modifying account information. It is requested as your end user (End User), and is suitable for use in situations where the identity of the user needs to be verified.

Instructions:

import {AuthenticationClient} from "authing-js-sdk"
const authenticationClient = new AuthenticationClient({
   appId: "YOUR_APP_ID",
})
authenticationClient.registerByEmail // Register by email
authenticationClient.loginByEmail // Login by email

# Register with Email

AuthenticationClient().registerByEmail(email, password, profile, options)

Use email to register. This interface does not require the user to verify the email. After the user registers, the emailVerified field will be false. If you want users with unauthenticated mailboxes to be unable to log in, you can use the pipeline to intercept such requests.

# Parameters

  • email <string> mailbox
  • password <string> password
  • profile <RegisterProfile> user profile
  • options <Object>
  • options.forceLogin <boolean> Whether to go through the complete login, it will trigger the pipeline function before and after the login and the login event webhook, and the cumulative login times of the user will be increased by 1. The default is false.
  • options.generateToken <boolean> Whether to generate a token for the user, it will not trigger the complete process after login, and the user's cumulative login times will not increase by 1. The default is false.
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

authenticationClient.registerByEmail(
'test@example.com',
'passw0rd',
{
 nickname:'Nick'
},
{
 generateToken: true
}
)
authenticationClient.registerByEmail('test@example.com','passw0rd')

# return value

  • Promise<User>

# Register with username

AuthenticationClient().registerByUsername(username, password, profile, options)

Register with username

# Parameters

  • username <string> username
  • password <string> password
  • profile <RegisterProfile> user profile
  • options <Object>
  • options.forceLogin <boolean> Whether to go through the complete login, it will trigger the pipeline function before and after the login and the login event webhook, and the cumulative login times of the user will be increased by 1. The default is false.
  • options.generateToken <boolean> Whether to generate a token for the user, it will not trigger the complete process after login, and the user's cumulative login times will not increase by 1. The default is false.
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

authenticationClient.registerByUsername(
'bob',
'passw0rd',
{
 nickname:'Nick'
},
{
 generateToken: true
}
)
authenticationClient.registerByUsername('bob','passw0rd')

# return value

  • Promise<User>

# Use mobile phone number to register

AuthenticationClient().registerByPhoneCode(phone, code, password, profile, options)

Register with your mobile phone number, you can set the initial password of the account at the same time. Please see sendSmsCode for the interface to send SMS

# Parameters

  • phone <string> phone number
  • code <string> SMS verification code
  • password <string> initial password
  • profile <RegisterProfile> user profile
  • options <Object>
  • options.forceLogin <boolean> Whether to go through the complete login, it will trigger the pipeline function before and after the login and the login event webhook, and the cumulative login times of the user will be increased by 1. The default is false.
  • options.generateToken <boolean> Whether to generate a token for the user, it will not trigger the complete process after login, and the user's cumulative login times will not increase by 1. The default is false.
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

authenticationClient.registerByPhoneCode(
'176xxxx7041',
'1234',
'passw0rd',
{
 nickname:'Nick'
},
{
 generateToken: true
}
)
authenticationClient.registerByPhoneCode('176xxxx7041', '1234')

# return value

  • Promise<User>

# Check password strength

AuthenticationClient().checkPasswordStrength(password)

Check the password strength, see for details: https://docs.authing.co/security/config-user-pool-password-level.html

# Parameters

  • password <string>

# Example

authenticationClient.checkPasswordStrength('weak')
authenticationClient.checkPasswordStrength('strongPassw0rd!')

# return value

  • Promise<CheckPasswordStrengthResult>

# Send SMS verification code

AuthenticationClient().sendSmsCode(phone)

Send SMS verification code, the validity time of the SMS verification code is 60 s.

# Parameters

  • phone <string>

# Example

authenticationClient.sendSmsCode('176xxxx6754')

# return value

  • Promise<CommonMessage>

# Login with email

AuthenticationClient().loginByEmail(email, password, options)

Use email to log in. By default, the interface does not restrict logins to unverified emails. If you want users with unverified emails to not log in, you can use the pipeline to intercept such requests.

If your user pool is configured with login failure detection, the user will be asked to enter the graphic verification code (code 2000) when the login fails multiple times under the same IP.

# Parameters

  • email <string> mailbox
  • password <string> password
  • options <Object>
  • options.autoRegister <boolean> Whether to register automatically. If it detects that the user does not exist, an account will be automatically created based on the login account password.
  • options.captchaCode <string> Graphic verification code
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

authenticationClient.loginByEmail(
'test@example.com',
'passw0rd',
{
 autoRegister: true,
 captchaCode:'xj72'
}
)
authenticationClient.loginByEmail('test@example.com','passw0rd')

# return value

  • Promise<User>

# Login with username

AuthenticationClient().loginByUsername(username, password, options)

Log in with username.

If your user pool is configured with login failure detection, the user will be asked to enter the graphic verification code (code 2000) when the login fails multiple times under the same IP.

# Parameters

  • username <string> username
  • password <string> password
  • options <Object>
  • options.autoRegister <boolean> Whether to register automatically. If it detects that the user does not exist, an account will be automatically created based on the login account password.
  • options.captchaCode <string> Graphic verification code
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

authenticationClient.loginByEmail(
'test@example.com',
'passw0rd',
{
 autoRegister: true,
 captchaCode:'xj72'
}
)
authenticationClient.loginByEmail('test@example.com','passw0rd')

# return value

  • Promise<User>

# Login with mobile phone number verification code

AuthenticationClient().loginByPhoneCode(phone, code)

Use the mobile phone number verification code to log in.

# Parameters

  • phone <string> phone number
  • code <string> SMS verification code
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

authenticationClient.loginByPhoneCode(
'176xxxx7041',
'1234',
)

# return value

  • Promise<User>

# Login with mobile phone number and password

AuthenticationClient().loginByPhonePassword(phone, password, options)

Use your phone number and password to log in.

# Parameters

  • phone <string> phone number
  • password <string> password
  • options <Object>
  • options.captchaCode <string> Graphic verification code
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

authenticationClient.loginByPhonePassword(
'176xxxx7041',
'passw0rd',
{
 captchaCode:'xj72'
}
)
authenticationClient.loginByPhonePassword('176xxxx7041','passw0rd')

# return value

  • Promise<User>

# Check Token login status

AuthenticationClient().checkLoginStatus(token)

Check Token login status

# Parameters

  • token <string> user's login credentials token

# Example

authenticationClient.checkLoginStatus('TOKEN')

# return value

  • Promise<JwtTokenStatus>

# Upload Avatar

AuthenticationClient().updateAvatar()

This method will automatically open the browser file upload box (the file format supported for upload is image/*), and automatically complete the image file upload CDN and modify the user avatar.

# Example

// Please make sure you are logged in
const user = await authing.updateAvatar()

# return value

  • Promise<User>

# send email

AuthenticationClient().sendEmail(email, scene)

Send mail

# Parameters

  • email <string> mailbox
  • scene <EmailScene> Sending scene, optional values ​​are RESET_PASSWORD (send reset password email, the email contains the verification code), VerifyEmail (send the email to verify the email), ChangeEmail (send the modified email, the email contains Verification code)

# Example

import {EmailScene} from "authing-js-sdk"
authenticationClient.sendEmail('test@example.com', EmailScene.RESET_PASSWORD)

# return value

  • Promise<CommonMessage>

# Reset password via SMS verification code

AuthenticationClient().resetPasswordByPhoneCode(phone, code, newPassword)

To reset the password by SMS verification code, you need to call the sendSmsCode interface to send the reset password email.

# Parameters

  • phone <string> phone number
  • code <string> verification code
  • newPassword <string> new password

# Example

authenticationClient.resetPasswordByPhoneCode('176xxxx7041', '1234','passw0rd')

# return value

  • Promise<CommonMessage>

# Reset password via email verification code

AuthenticationClient().resetPasswordByEmailCode(phone, code, newPassword)

To reset the password through the email verification code, you need to call the sendEmail interface to send the reset password email.

# Parameters

  • phone <string> phone number
  • code <string> verification code
  • newPassword <string> new password

# Example

authenticationClient.resetPasswordByEmailCode('test@example.com', '1234','passw0rd')

# return value

  • Promise<CommonMessage>

# Modify user information

AuthenticationClient().updateProfile(updates)

Modify user information. This interface cannot be used to modify the phone number, email address, and password. If necessary, please call the updatePhone, updateEmail, and updatePassword interfaces.

# Parameters

  • updates <UpdateUserInput> modified user profile
  • updates.username <string> username
  • updates.nickname <string> nickname
  • updates.photo <string> Avatar
  • updates.company <string> company
  • updates.browser <string> browser
  • updates.device <string> device
  • updates.lastIP <string> Last logged in IP
  • updates.name <string> Name
  • updates.givenName <string> Given Name
  • updates.familyName <string> Family Name
  • updates.middleName <string> Middle Name
  • updates.profile <string> Profile Url
  • updates.preferredUsername <string> Preferred Name
  • updates.website <string> personal website
  • updates.gender <string> gender, M stands for male, W stands for female, and U stands for unknown.
  • updates.birthdate <string> birthday
  • updates.zoneinfo <string> time zone
  • updates.locale <string> language
  • updates.address <string> address
  • updates.streetAddress <string> street address
  • updates.locality <string>
  • updates.region <string> region
  • updates.postalCode <string> Zip code
  • updates.city <string> city
  • updates.province <string> province
  • updates.country <string> country

# Example

authenticationClient.updateProfile({
nickname: "Nick",
lastIp: "111.111.111.111"
})

# return value

  • Promise<User>

# Update user password

AuthenticationClient().updatePassword(newPassword, oldPassword)

Update user password

# Parameters

  • newPassword <string> new password
  • oldPassword <string> Old password, if the user has not set a password, you can leave it blank.

# Example

authenticationClient.updatePassword('passw0rd') // If you register by other methods such as mobile phone number, social login, etc., no password is set for the first time, and oldPassword is left blank.
authenticationClient.updatePassword('passw0rd','oldPassw0rd') // The user has previously set a password

# return value

  • Promise<User>

# Update user phone number

AuthenticationClient().updatePhone(phone, phoneCode, oldPhone, oldPhoneCode)

Update the user's mobile phone number. Just like modifying the mailbox, by default, if the user has already bound a mobile phone number, the original mobile phone number (the mobile phone number bound to the current account) and the current mailbox (the mobile phone number to be bound) need to be verified at the same time. In other words, the mobile phone number currently bound to user A is 15888888888, and if you want to change it to 15899999999, you need to verify both mobile phone numbers. Developers can also choose not to turn on "Verify original phone number", which can be turned off in the security information module under the settings directory of the Authing console. To bind a mobile phone number for the first time, please use the bindPhone interface.

# Parameters

  • phone <string> new phone number
  • phoneCode <string> The verification code of the new phone number
  • oldPhone <string> old phone number
  • oldPhoneCode <string> The verification code of the old phone number

# Example

authenticationClient.updatePhone('176xxxx7041', '1234') // Close the "Verify the original phone number" option
authenticationClient.updatePhone('176xxxx7041', '1234', '156xxxx9876', '1234') // The option of "Verify original phone number" is enabled

# return value

  • Promise<User>

# Update user mailbox

AuthenticationClient().updateEmail(email, emailCode, oldEmail, oldEmailCode)

If the user has already bound the mailbox, by default, the original mailbox (the mailbox bound to the current account) and the current mailbox (the mailbox to be bound) need to be verified at the same time. In other words, the currently bound mailbox of user A is 123456@qq.com, and wants to modify it to 1234567@qq.com, then both mailboxes need to be verified at the same time. Developers can also choose not to turn on "Verify original mailbox", which can be turned off in the security information module under the settings directory of the Authing console. For the first time to bind a mobile phone number, please use the bindEmail interface.

# Parameters

  • email <string> new mailbox
  • emailCode <string> The verification code of the new mailbox
  • oldEmail <string> old email
  • oldEmailCode <string> The verification code of the old email

# Example

authenticationClient.updateEmail('test@example.com', '1234') // Close the "Verify the original email" option
authenticationClient.updateEmail('test@example.com', '1234','test2@example.com', '1234') // Enable the "Verify original email" option

# return value

  • Promise<User>

# Bind social accounts

AuthenticationClient().linkAccount(options)

Bind a social account to a main account (mobile phone number, email account).

# Parameters

  • options.primaryUserToken <string> Primary account Token
  • options.secondaryUserToken <string> social account Token

# Example

authenticationClient.linkAccount({ primaryUserToken: primaryUser.token, secondaryUserToken: secondaryUser.token });

# return value

{
   "code": 200,
   "message": "Binding successful"
}

# Refresh the current user's token

AuthenticationClient().refreshToken()

Refresh the token of the current user, and call this interface to require login first.

# Parameters

# Example

authenticationClient.updateEmail()

# return value

  • Promise<RefreshToken>

# Bind mobile phone number

AuthenticationClient().bindPhone(phone, phoneCode)

The user binds the mobile phone number for the first time. If you need to modify the mobile phone number, please use the updatePhone interface.

# Parameters

  • phone <string>
  • phoneCode <string>

# Example

authenticationClient.bindPhone('176xxxx7041', '1234')

# return value

  • Promise<User>

# Unbind mobile phone number

AuthenticationClient().unbindPhone()

User unbind mobile phone number

# Parameters

# Example

authenticationClient.unbindPhone()

# return value

  • Promise<User>

# Unbind mobile phone number

AuthenticationClient().unbindPhone()

User unbind mobile phone number

# Parameters

# Example

authenticationClient.unbindPhone()

# return value

  • Promise<User>

# Get the currently logged-in user information

AuthenticationClient().getCurrentUser()

Get the information of the currently logged in user

# Parameters

# Example

authenticationClient.getCurrentUser()

# return value

  • Promise<User>

# sign out

AuthenticationClient().logout()

Log out, clear the user and token in localStorage

# Parameters

# Example

authenticationClient.logout()

# return value

  • null

# Get the current user's custom data list

AuthenticationClient().listUdv()

Get the current user's custom data list

# Parameters

# Example

authenticationClient.listUdv()

# return value

  • Promise<Array<UserDefinedData>>

# Add custom data

AuthenticationClient().setUdv(key, value)

Add custom data

# Parameters

  • key <string> custom field key
  • value <any> The value of the custom data, the value type must be consistent with the custom field type defined by the user pool.

# Example

authenticationClient.setUdv('school','Tsinghua University') // requires the user to define the school field.

# return value

  • Promise<Array<UserDefinedData>>

# Delete custom data

AuthenticationClient().removeUdv(key)

Delete custom data

# Parameters

  • key <null> custom field key

# Example

authenticationClient.removeUdv('school')

# return value

  • Promise<Array<UserDefinedData>>

# Get the user's organization

AuthenticationClient().listOrg()

Obtain the tombstone of the user's organization and the complete path of the node he belongs to in this organization.

# Parameters

# Example

const data = await authenticationClient.listOrgs();

# return value

  • Promise<UserOrgList>

# Login with LDAP username

AuthenticationClient().loginByLdap(username, password, options)

Log in with an LDAP username.

If your user pool is configured with login failure detection, the user will be asked to enter the graphic verification code (code 2000) when the login fails multiple times under the same IP.

# Parameters

  • username <string> username
  • password <string> password
  • options <Object>
  • options.autoRegister <boolean> Whether to register automatically. If it detects that the user does not exist, an account will be automatically created based on the login account password.
  • options.captchaCode <string> Graphic verification code
  • options.clientIp <string> The real IP of the client. If you call this interface on the server, you must set this parameter to the real IP of the end user.

# Example

const authenticationClient = new AuthenticationClient({
appId:'App ID'
})

authenticationClient.loginByLdap(
'admin',
'admin',
)

# return value

  • Promise<User>

# Login with AD username

AuthenticationClient().loginByAd(username, password)

Log in with AD username.

# Parameters

  • username <string> username
  • password <string> password

# Example

const authenticationClient = new AuthenticationClient({
appId:'App ID'
})

authenticationClient.loginByAd(
'admin',
'admin',
)

# return value

  • Promise<User>