Authentication

Developers can use the functions on auth to perform various authentication activities.

client.auth;

Server API documentation:

Auth methods

checkEmail(email)

Check whether an email address is available.

This method can only be used if the email-check API is enabled. See how to enable it.

Arguments

| name | type | description |
| --- | --- | --- |
| email | string | user's email |

Return

Promise<object>

Successful request:

// Email is available.
{
  data: {
    email: "account@somedomain.com",
    registered: false,
    id: "account@somedomain.com"
  },
  message: "Email available"
}
// Email is already in use.
{
  data: {
    email: "admin@mylib.id",
    registered: true,
    verified: true,
    created_at: "2020-01-30T10:18:07.832Z",
    updated_at: "2020-01-30T10:18:07.832Z",
    id: "admin@mylib.id"
  },
  message: "Email already in use"
}

Failed request:

{
  error: {
    id: "1580379338431",
    status: "400",
    code: "BADREQ",
    title: "root param should have required property 'email'"
  }
}

register(provider, data)

Register a new user.

Arguments

| name | type | description |
| --- | --- | --- |
| provider | enum: "local", "facebook", "google", "twitter", "apple" | authentication provider |
| data | object | |
| data.email | string | user's email |
| data.password | string | user's password |
| data.oauthKey | string | unique key from the OAuth login |
| data.extras | object | user fields |

Examples

Register with provider "local":

(async function () {
  const registerRes = await client.auth.register("local", {
    email: "account@somedomain.com",
    password: "12QWaszx",
    extras: {
      name: "Doctor Grid",
      address: "Area18",
      country: "ArcCorp",
    },
  });
})();

Register with provider "twitter", after the OAuth consent screen:

(async function () {
  const thisUrl = new URL(location.href);
  // Verify the OAuth result.
  const loginRes = await client.auth.login("twitter", {
    oauthToken: thisUrl.searchParams.get("oauth_token"),
    oauthVerifier: thisUrl.searchParams.get("oauth_verifier"),
  });
  // If an error was returned.
  if (!loginRes.data) {
    console.log("loginRes:", loginRes);
    return;
  }
  // If this user is already registered.
  if (loginRes.type === "LoginExisting") {
    console.log("loginRes:", loginRes);
    return;
  }
  const loginData = loginRes.data;
  // Create a new user based on that social account.
  const registerRes = await client.auth.register("twitter", {
    oauthKey: loginData.oauthKey,
    email: loginData.email,
    extras: {
      name: loginData.name,
    },
  });
})();

Return

Promise<object>

Successful request:

// Provider "local".
{
  data: {
    created_at: "2020-01-31T04:19:08.593Z",
    updated_at: "2020-01-31T04:19:08.593Z",
    roles: ["Reader"],
    email: "account@somedomain.com",
    social_ids: {
      google: null,
      twitter: null,
      facebook: null,
      apple: null
    },
    verified: false,
    fcm_tokens: [],
    name: "Doctor Grid",
    country: "ArcCorp",
    address: "Area18",
    id: "7e522de6-9504-4d39-9365-58f4b83fa172"
  },
  message: "Please confirm your email"
}
// Provider "twitter".
{
  data: {
    created_at: "2020-02-01T09:58:03.559Z",
    updated_at: "2020-02-01T09:58:03.559Z",
    roles: ["Reader"],
    email: "account@somedomain.com",
    social_ids: {
      twitter: "70615096712179"
    },
    verified: true,
    fcm_tokens: [],
    name: "Doctor Grid",
    country: null,
    address: null,
    id: "27de4dbc-5988-411f-9d10-64dba4844185"
  },
  message: "You have been registered with twitter account"
}

Failed request:

{
  error: {
    id: "1580444398472",
    status: "403",
    code: "FORBDN",
    title: "Key (email)=(account@somedomain.com) already exists."
  }
}

resendVerification(email)

Resend the user verification email.

Arguments

| name | type | description |
| --- | --- | --- |
| email | string | user's email |

Return

Promise<object>

Successful request:

{
  email: "account@somedomain.com",
  message: "Please confirm your email"
}

Failed request:

{
  error: {
    id: "1580557887755",
    status: "404",
    code: "NOTFND",
    title: "'email' is not valid"
  }
}

oauthRedirect(provider, callback)

Redirect to the OAuth consent screen.

Arguments

| name | type | description |
| --- | --- | --- |
| provider | enum: "facebook", "google", "twitter", "apple" | OAuth provider |
| callback | string | callback URL used after the OAuth consent is completed |

Additional notes:

  • Usually several callback URLs can be configured for a single OAuth provider. Adjust them to your needs.
  • Before using this method, make sure the MBaaS configuration for Social Media Login is filled in correctly.
  • For Apple specifically, follow the additional guide for Apple Sign-in.

Examples

Initiate Twitter OAuth for login/registration:

(async function () {
  const res = await client.auth.oauthRedirect(
    "twitter",
    "http://localhost:8080/twitter-signin/"
  );
})();

Initiate Twitter OAuth for linking:

(async function () {
  const res = await client.auth.oauthRedirect(
    "twitter",
    "http://localhost:8080/twitter-signin-link/"
  );
})();

Return

Client running in the browser:

Promise<null>, and the browser is automatically redirected to the OAuth consent screen.

Client running in Node.js:

Promise<object>

{
  data: {
    url:
      "https://api.twitter.com/oauth/authenticate?oauth_token=Qv6vuwAAAAABA_GMAAABb1qyrYA",
    provider: "twitter",
    id: "twitter"
  }
}

Failed request:

Promise<object>

{
  error: {
    id: "1580717580748",
    status: "400",
    code: "BADREQ",
    title: "root param should have required property 'callback'"
  }
}

redoOAuth(provider)

Redirect to the OAuth consent screen again.

Can be used for auto-login after a successful registration.
For Twitter and Apple, the OAuth consent screen cannot be reused, so the oauthRedirect() method must be called again.

Arguments

| name | type | description |
| --- | --- | --- |
| provider | enum: "facebook", "google" | OAuth provider |

Examples

Repeat the redirect with provider "google":

(async function () {
  // After successful OAuth verification; loginRes is the result of client.auth.login().
  const loginData = loginRes.data;
  // Create a new user based on that social account.
  const registerRes = await client.auth.register("google", {
    oauthKey: loginData.oauthKey,
    email: loginData.email,
    extras: {
      name: loginData.name,
    },
  });
  if (!registerRes.data) {
    console.log("registerRes:", registerRes);
    return;
  }
  client.auth.redoOAuth("google");
})();

To get an experience similar to the repeat redirect with provider "twitter":

(async function () {
  // After successful OAuth verification; loginRes is the result of client.auth.login().
  const loginData = loginRes.data;
  // Create a new user based on that social account.
  const registerRes = await client.auth.register("twitter", {
    oauthKey: loginData.oauthKey,
    email: loginData.email,
    extras: {
      name: loginData.name,
    },
  });
  if (!registerRes.data) {
    console.log("registerRes:", registerRes);
    return;
  }
  await client.auth.oauthRedirect(
    "twitter",
    "http://localhost:8080/twitter-signin/"
  );
})();

Return

Client running in the browser:

null, and the browser is automatically redirected to the OAuth consent screen.

Client running in Node.js:

object

{
  reloginUrl:
    "https://accounts.google.com/o/oauth2/v2/auth?access_type=offline&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&response_type=code&client_id=1863069999-b0i89531j3cvqt2o.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fgoogle-signin%2F",
  provider: "google"
}

login(provider, data, intent)

Arguments

| name | type | default | description |
| --- | --- | --- | --- |
| provider | enum: "local", "facebook", "google", "twitter", "apple" | | authentication provider |
| data | object | | |
| data.email | string | | (for 'local') |
| data.password | string | | (for 'local') |
| data.callback | string | | (for 'facebook', 'google') |
| data.code | string | | (for 'facebook', 'google') |
| data.oauthToken | string | | (for 'twitter') |
| data.oauthVerifier | string | | (for 'twitter') |
| data.oauthKey | string | | (for 'apple') |
| intent | enum: "register", "link" | "register" | the action to be performed next |

Examples

Log in with provider "local":

(async function () {
  const loginRes = await client.auth.login("local", {
    email: "admin@mylib.id",
    password: "12QWaszx",
  });
})();

Verify Twitter OAuth for login/registration:

(async function () {
  const thisUrl = new URL(location.href);
  const loginRes = await client.auth.login("twitter", {
    oauthToken: thisUrl.searchParams.get("oauth_token"),
    oauthVerifier: thisUrl.searchParams.get("oauth_verifier"),
  });
})();

Verify Google OAuth for linking:

(async function () {
  const thisUrl = new URL(location.href);
  const loginRes = await client.auth.login(
    "google",
    {
      callback: "http://localhost:8080/google-signin/",
      code: thisUrl.searchParams.get("code"),
    },
    "link"
  );
})();

Return

Promise<object>

Successful request:

// Provider "local".
{
  data: {
    provider: "local",
    email: "admin@mylib.id",
    verified: true,
    id: "28dc27d3-8a08-4698-b24c-23e233c533a0"
  },
  type: "LoginExisting",
  message: "You have been logged in"
}
// Provider "twitter", intending to log in, account already registered/linked.
{
  data: {
    provider: "twitter",
    email: "account@somedomain.com",
    verified: true,
    id: "27de4dbc-5988-411f-9d10-64dba4844185"
  },
  type: "LoginExisting",
  message: "You have been logged in with twitter account"
}
// Provider "twitter", account not yet registered/linked.
{
  data: {
    oauthKey: "99cee2a3-f92e-4c25-8238-e3f81dad0e13",
    provider: "twitter",
    email: "account@somedomain.com",
    name: "Doctor Grid",
    id: "70615096712179"
  },
  type: "LoginOAuth",
  message: "Please register or link to an existing user"
}

Failed request:

// Provider "local".
{
  error: {
    id: "1580800567355",
    status: "404",
    code: "NOTFND",
    title: "'email' and 'password' do not match any resource"
  }
}
// Intending to link, account already registered/linked.
{
  error: {
    name: "ForbiddenError",
    message: "Social account already in use"
  }
}
// Provider "twitter", verification code reused.
{
  error: {
    id: "1580803654114",
    status: "403",
    code: "FORBDN",
    title: "'oauthVerifier' is not reusable"
  }
}
// Provider "google", verification code reused.
{
  error: {
    id: "1580803656765",
    status: "403",
    code: "FORBDN",
    title: "'code' is not reusable"
  }
}
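The login() responses listed above, turned into a handler for the OAuth callback page. This is an added example, not part of the SDK or the original documentation: the function names and the returned labels ("logged-in", "restart-oauth", and so on) are assumptions for illustration, it covers "twitter", "google" and "facebook" only, and `client` is any object exposing auth.login() as documented.

```javascript
// Added example. Query parameter -> login() data field, per provider
// (taken from the arguments table and the examples above).
const OAUTH_PARAMS = {
  twitter: { oauth_token: "oauthToken", oauth_verifier: "oauthVerifier" },
  google: { code: "code" },
  facebook: { code: "code" },
};

// Map a documented login() response to the app's next step (labels are hypothetical).
function classifyLogin(res) {
  if (res && res.data) {
    if (res.type === "LoginExisting") return "logged-in";
    if (res.type === "LoginOAuth" && res.data.oauthKey) return "register-or-link";
    return "unexpected";
  }
  const err = (res && res.error) || {};
  // Two error shapes appear on this page: {code, title} and {name, message}.
  if (err.name === "ForbiddenError") return "social-account-in-use";
  if (err.code === "FORBDN" && /not reusable/.test(err.title || "")) return "restart-oauth";
  if (err.code === "NOTFND") return "bad-credentials";
  return "failed";
}

// Read the one-time OAuth values from the callback URL and strip them from it.
function buildLoginData(provider, href, callback) {
  const spec = OAUTH_PARAMS[provider];
  if (!spec) throw new Error("unsupported provider: " + provider);
  const url = new URL(href);
  const data = {};
  for (const [param, field] of Object.entries(spec)) {
    const value = url.searchParams.get(param);
    if (!value) return null; // incomplete callback: nothing to send to the server
    data[field] = value;
    url.searchParams.delete(param); // the value is single-use, drop it from the URL
  }
  if (data.code) data.callback = callback; // `callback` accompanies `code` in the table
  return { data, cleanUrl: url.toString() };
}

async function handleOAuthCallback(client, provider, href, callback, intent = "register") {
  const built = buildLoginData(provider, href, callback);
  if (!built) return { next: "restart-oauth" };
  const res = await client.auth.login(provider, built.data, intent);
  return { next: classifyLogin(res), res, cleanUrl: built.cleanUrl };
}
```

In the browser, pass cleanUrl to history.replaceState(null, "", cleanUrl) so that a page reload does not resubmit a used code and run into the "is not reusable" error shown above.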

forgotPassword(email)

Start the forgot-password procedure.

Arguments

| name | type | description |
| --- | --- | --- |
| email | string | user's email |

Return

Successful request:

Promise<null>, and the server sends an email for resetting the password.

Failed request:

Promise<object>

{
  error: {
    id: "1580792088323",
    status: "404",
    code: "NOTFND",
    title: "'email' is not valid"
  }
}

resetPassword(token, password)

Reset the password.

Arguments

| name | type | description |
| --- | --- | --- |
| token | string | JWT token for resetting the password |
| password | string | new password |

Examples

Reset the password after clicking the link in the email:

(async function () {
  const thisUrl = new URL(location.href);
  const res = await client.auth.resetPassword(
    thisUrl.searchParams.get("token"),
    "123QWEasd"
  );
})();

Return

Promise<object>

Successful request:

{
  data: {
    created_at: "2020-02-04T06:38:42.944Z",
    updated_at: "2020-02-04T06:39:39.015Z",
    roles: ["Reader"],
    email: "account@somedomain.com",
    social_ids: {
      google: null,
      twitter: null,
      facebook: null,
      apple: null
    },
    verified: false,
    fcm_tokens: [],
    name: "Doctor Grid",
    country: "ArcCorp",
    address: "Area18",
    id: "7e522de6-9504-4d39-9365-58f4b83fa172"
  },
  message: "User password reset"
}

Failed request:

{
  error: {
    id: "1580800380242",
    status: "400",
    code: "JWTERR",
    title: "The token has been revoked."
  }
}
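Handling of the reset link around resetPassword(), as an added example that is not SDK code or part of the original documentation. The names readResetToken and resetFromLink and the reason labels are assumptions; the shape check relies only on the token being a compact JWT (three dot-separated base64url segments), and `client` is any object exposing auth.resetPassword() as documented.

```javascript
// Added example. A compact JWT is three base64url segments separated by dots.
const JWT_SHAPE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/;

// Pull the `token` query parameter out of the reset link and return the URL without it.
function readResetToken(href) {
  const url = new URL(href);
  const raw = url.searchParams.get("token");
  url.searchParams.delete("token");
  const token = raw && JWT_SHAPE.test(raw) ? raw : null;
  return { token, cleanUrl: url.toString() };
}

async function resetFromLink(client, href, newPassword) {
  const { token, cleanUrl } = readResetToken(href);
  // A missing or malformed token never reaches the server.
  if (!token) return { ok: false, reason: "invalid-link", cleanUrl };
  const res = await client.auth.resetPassword(token, newPassword);
  if (res && res.data) return { ok: true, userId: res.data.id, cleanUrl };
  const code = res && res.error && res.error.code;
  // JWTERR is the code shown above for a revoked token: the user needs a
  // fresh link, which forgotPassword(email) sends.
  const reason = code === "JWTERR" ? "request-new-link" : "failed";
  return { ok: false, reason, cleanUrl };
}
```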