Allow the currently logged in user to change their password by passing their existing password and a new password.
const currentPassword = 'P@$5w0rd'
const newPassword = 'P@$5w0rD'
await authService.changePassword(currentPassword, newPassword)
Check if MFA is enabled for the current user.
const isMfaEnabled = await authService.checkIsMfaEnabled()
if (isMfaEnabled) {
  // Allow disabling MFA
} else {
  // Allow enabling MFA
}
Disable MFA for the current user.
await authService.disableMfa()
Allow a user to start the forgot password process. The user will be emailed a temporary code that must be passed with a new password to the function returned.
const username = 'user@email.io'
const finishForgotPassword = await authService.forgotPassword(username)
// Prompt the user to enter the code and a new password
const code = prompt(
  'You have been emailed a verification code, please enter it here.',
)
const newPassword = prompt('Please enter a new password to continue.')
await finishForgotPassword(code, newPassword)
Used to give the resulting email sent to the user the associated forms app branding and sending address.
Generate a QR code link to display to a user after they have initiated MFA setup.
const mfaSetupQrCodeUrl = authService.generateMfaQrCodeUrl()
if (mfaSetupQrCodeUrl) {
  // use mfaSetupQrCodeUrl to display QR code to user
}
Get the current user's App User details for a OneBlink Forms App. Returns undefined if the current user is not logged in.
const formsAppId = 1
const formsAppUserDetails =
  await authService.getCurrentFormsAppUser(formsAppId)
if (!formsAppUserDetails) {
  // handle unauthorised user
}
Can be used to extract the keyId from the Forms Key token passed to setFormsKeyToken(). Will be undefined if the token has not been set yet.
const keyId = authService.getFormsKeyId()
if (keyId) {
  // Use keyId here...
}
Get the Id Token used to make requests to the OneBlink API. This will return undefined if the current user is not logged in.
const idToken = await authService.getIdToken()
if (idToken) {
  await fetch(url, {
    headers: {
      Authorization: `Bearer ${idToken}`,
    },
  })
} else {
  // Handle user not being logged in
}
A friendly string that represents the current user. Uses first name, last name, full name and username. This will return null if the current user is not logged in.
const name = authService.getUserFriendlyName()
if (name) {
  // Display current user's name
}
Get the current user's profile based on their Id Token payload. This will return null if the current user is not logged in.
const profile = authService.getUserProfile()
if (profile) {
  // Use profile here
}
Can be used to retrieve the userToken passed to setUserToken(). Will be undefined if the token has not been set yet.
const userToken = authService.getUserToken()
if (userToken) {
  // Use token here...
}
This function should be called when the user is redirected back to your app after a login attempt. It will use the query string on the redirect URL to create a session for the current user. It will return a URL as a string that should be redirected to within your app.
try {
  const continueTo = await authService.handleAuthentication()
  // Redirect the user back to where they were before attempting to login
  window.location.href = continueTo
} catch (error) {
  // handle failed login attempts here.
}
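A defensive check on the returned URL before navigating, added here as an example and not part of the OneBlink SDK. It assumes continueTo is meant to be a location inside your own app; resolveContinueTo, FALLBACK_PATH and the appOrigin parameter are hypothetical names.

```javascript
// Added example: resolveContinueTo and FALLBACK_PATH are hypothetical names,
// not part of authService.
const FALLBACK_PATH = '/'

// Return a same-origin path to navigate to, or the fallback when `continueTo`
// would leave the app (other origin, non-http scheme, unparsable value).
function resolveContinueTo(continueTo, appOrigin, fallback = FALLBACK_PATH) {
  if (typeof continueTo !== 'string' || continueTo.length === 0) return fallback
  // Control characters and backslashes are normalised inconsistently by
  // URL parsers, so reject them instead of guessing the outcome.
  if (/[\u0000-\u001f\\]/.test(continueTo)) return fallback
  let target
  try {
    // Relative values resolve against the app origin; absolute values keep
    // their own origin and are compared below.
    target = new URL(continueTo, appOrigin)
  } catch {
    return fallback
  }
  if (target.protocol !== 'https:' && target.protocol !== 'http:') return fallback
  if (target.origin !== new URL(appOrigin).origin) return fallback
  // Navigate by path only, so the input can never choose the origin.
  return target.pathname + target.search + target.hash
}

// Usage in the browser, after handleAuthentication() resolves:
//   const continueTo = await authService.handleAuthentication()
//   window.location.assign(resolveContinueTo(continueTo, window.location.origin))
```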
Initialize the service with required configuration. This must be done before using some of the functions in this service.
authService.init({
  oAuthClientId: 'YOUR_OAUTH_CLIENT_ID',
})
Determine if the current user is a OneBlink App User administrator for a OneBlink Forms App. Returns false if the current user is not.
const formsAppId = 1
const isAdministrator = await authService.isAdministrator(formsAppId)
if (isAdministrator) {
  // handle administrator user
}
Determine if the current user is a OneBlink App User for a OneBlink Forms App. Returns false if the current user is not logged in.
const formsAppId = 1
const isAuthorised = await authService.isAuthorised(formsAppId)
if (!isAuthorised) {
  // handle unauthorised user
}
Check if the user is currently logged in
const isLoggedIn = authService.isLoggedIn()
// handle user being logged in or not
Redirect the user to the login screen. Passing an identityProvider is optional; it will allow users to skip the login page and be directed straight to that provider's login page.
// Optionally pass a
const identityProvider = 'Google'
await authService.loginHostedUI(identityProvider)
// User will be redirected to login page or promise will resolve
Create a session for a user by entering a username and password. If the user requires a password reset, the "resetPasswordCallback" property will be returned. This function should be called with the new password once entered by the user. If the user requires an MFA token, the "mfaCodeCallback" property will be returned. This function should be called with a one-time token generated from an authenticator app. The functions returned are recursive and the result from each of them is the same result from the loginUsernamePassword() function. Each time the response includes a callback, you will need to begin the process again until all callbacks are handled.
async function handleLoginAttemptResponse({
  resetPasswordCallback,
  mfaCodeCallback,
}) {
  // "resetPasswordCallback" will be undefined if a password reset was not required.
  if (resetPasswordCallback) {
    // Prompt the user to enter a new password
    const newPassword = prompt(
      'The password you entered was only temporary, and must be reset for security purposes. Please enter your new password below to continue.',
    )
    const resetPasswordResponse =
      await resetPasswordCallback(newPassword)
    return await handleLoginAttemptResponse(resetPasswordResponse)
  }
  // "mfaCodeCallback" will be undefined if MFA is not setup.
  if (mfaCodeCallback) {
    // Prompt the user to enter an MFA code
    const code = prompt(
      'Please enter a one-time code from your MFA app.',
    )
    const mfaCodeResponse = await mfaCodeCallback(code)
    return await handleLoginAttemptResponse(mfaCodeResponse)
  }
}
const username = 'user@email.io'
const password = 'P@$5w0rd'
const loginAttemptResponse = await authService.loginUsernamePassword(
  username,
  password,
)
await handleLoginAttemptResponse(loginAttemptResponse)
Log the current user out and remove any data stored locally by the user e.g. drafts.
await authService.logout()
Redirect the user to the logout screen to clear the user's session on the hosted login page. User will then be redirected to /logout. After being redirected back to the application, the logout() function should be called to clear the session data from browser storage.
authService.logoutHostedUI()
Register a listener function that will be called when authentication tokens are updated or removed.
const listener = async () => {
  // Check if the user is logged in still
  const isLoggedIn = authService.isLoggedIn()
}
const deregister = await authService.registerAuthListener(listener)
// When no longer needed, remember to deregister the listener
deregister()
If the current user is not a Forms App User, this function will send a request on behalf of the current user to the OneBlink Forms App administrators to request access.
const formsAppId = 1
await authService.requestAccess(formsAppId)
// Display a message to user indicating a request has been sent to the application administrators
Set the Forms Key token being used to make requests to the OneBlink API on behalf of the user.
authService.setFormsKeyToken('a valid json web token')
Set the User token being included in requests to the OneBlink API on behalf of the user.
authService.setUserToken('a value')
Set up MFA for the current user. The result will include a callback that should be called with a valid TOTP from an authenticator app.
const { secretCode, mfaCodeCallback } = await authService.setupMfa()
// Prompt the user to enter an MFA code
const code = prompt(
  `Please enter a one-time code from your MFA app after creating a new entry with secret: ${secretCode}.`,
)
await mfaCodeCallback(code)
Allow a user to sign up to a forms app.
await authService.signUp({
  formsAppId: 1,
  email: 'test@oneblink.io',
  firstName: 'first',
  lastName: 'last',
})
Authentication/Authorisation Service
Helper functions for handling user authentication and authorisation.
NOTE: init() must be called before using some of the functions in this service.