# Auth Module Universal, pattern-based authentication token management for multi-auth scenarios. ## Overview The Auth module provides a standardized interface for managing authentication tokens across different providers (PocketBase, Microsoft Graph) and auth flows (delegated, app-only). ## Key Features - **Pattern-based configuration**: Enable only the auth flows you need (`pb`, `graph`, `pb+graph`) - **Unified token storage**: All tokens stored in localStorage under consistent keys - **Type-safe**: Full TypeScript support with explicit token types - **Modular**: Works standalone; extend or integrate with larger auth systems - **No dependencies**: Uses browser APIs only (localStorage, optional PocketBase SDK) ## Quick Start ### Basic Usage ```typescript import Auth from './auth.ts'; // Initialize with pattern and optional config await Auth.configure('pb+graph', { pbUrl: 'http://localhost:8090', graphApiUrl: 'https://graph.microsoft.com/v1.0' }); // Get a token const pbUserToken = Auth.getToken('pb-user'); const graphToken = Auth.getToken('graph-user'); // Set a token Auth.setToken('graph-user', 'access_token_here'); // Clear specific token Auth.clearToken('pb-user'); // Clear all tokens Auth.clearAllTokens(); ``` ## Token Types - `pb-user`: PocketBase user authentication token - `pb-agent`: PocketBase service account token - `graph-user`: Microsoft Graph delegated token (on behalf of user) - `graph-agent`: Microsoft Graph app-only token (service principal) ## Configuration ```typescript interface AuthConfig { pbUrl?: string; // PocketBase URL (default: http://127.0.0.1:8090) graphApiUrl?: string; // Graph API URL (not required for token storage) } ``` ## Security Considerations - Tokens are stored in plaintext in `localStorage` - Never store highly sensitive credentials in browser localStorage - For production: consider using secure HTTP-only cookies via backend - Implement token refresh logic before expiration - Clear tokens on logout ## File Structure ``` auth/ ├── auth.ts # Main module (TypeScript) ├── auth-test.html # Test/demo HTML └── README.md # This file ``` ## Testing Open `auth-test.html` in a browser to test the module functionality. ## Future Enhancements - Token refresh logic - Expiration tracking - Secure storage option (HTTP-only cookies via backend) - Multiple identity provider support - Event emitters for token changes