Skip to content

A Vendure plugin allow users log in using email and verification code

License

Notifications You must be signed in to change notification settings

denz93/vendure-plugin-simple-auth

Repository files navigation

Simple Auth Plugin for Vendure.io

Test CI Publish Package to npmjs Coverage

A Vendure plugin allow users log in using email and verification code

Use Case

A lot of times we want visitors (aka customers) to complete their purchase order as quick as possilble. However, they usually hesitate to create a credential to a random online shop at checkout step. So we provide a way to quickly authenticate those visitors by their email and a verification code that is sent to their email.

What it does

  1. Expose a GraphQL Query "requestOneTimeCode".
  2. Add an authentication strategy to GraphQL mutation "authenticate".

How to use

1. Install

yarn add @denz93/vendure-plugin-simple-auth

or

npm i --save @denz93/vendure-plugin-simple-auth

2. Add the plugin to vendure-config.ts file

import { SimpleAuthPlugin } from "@denz93/vendure-plugin-simple-auth";
...
export const config: VendureConfig  = {
 ...
 plugins: [
   ...
   SimpleAuthPlugin.init(options) //see Options
 ]
}

3. Options for SimpleAuthPlugin.init

  • attempts: number

    Plugin will invalidate the verification code after user's attempts.
    default: 5

  • ttl: number

    Time to live
    How long the verification code is valid for.
    default: 600 (seconds)

  • length: number

    How many digits/alphabets the verification code should be.
    default: 6

  • includeAlphabet: boolean

    Should allow alphabet characters.
    default: false (aka digits only)

  • isDev: boolean

    If true, the verification will return along with the response of query. requestOneTimeCode.
    It's for debug and testing.
    default: false

  • cacheModuleOption: CacheModuleOption

    By default, the plugin use "memory" for caching which is underlying using NestJs CacheModule.
    To change cache store to Redis, MongoDB, etc, please see NestJs CacheModule docs here.
    You also want to see here from cache-manager which is underlying used by NestJs.
    Note: should use cache-manager 4.x if using Vendure under 2.x
    default: {}

  • checkCrossStrategies: boolean

    Strictly enforce unique email among all strategies

    For example:

    • One day, user "John" sign in using Google authentication with "john@gmail.com".
    • Another day, user "John" sign in using One-time passcode authenication (this plugin) with the same email.
    • This plugin will throw an error if the flag is enabled.

    default: false.
    Note: This only works if Google authentication plugin using email as an identifier

4. Add EmailHandler to EmailPlugin

** Note: Since v1.3.0 you don't need to config this step anymore. The plugin will automatically append the handler to Email Plugin

// vendure-config.ts

import { oneTimeCodeRequestedEventHandler } from '@denz93/vendure-plugin-simple-auth';

...

export const config: VendureConfig = {
  ...

  plugins: [
    ...

    EmailPlugin.init({
      ...
      handlers: [...defaultEmailHandler, oneTimeCodeRequestedEventHandler]
    })
  ]
}

Future Updates

  • Prevent cross authenticate (Ex: users use same email for GoogleAuth and SimpleAuth)

About

A Vendure plugin allow users log in using email and verification code

Resources

License

Stars

Watchers

Forks

Packages

No packages published