c33ee3dfe7
- Create modular project structure with src/backend, src/frontend, public - Hono server with routing, static file serving, and API endpoints - TailwindCSS styling pipeline with Tailwind CLI - Vanilla JS frontend (extensible for frameworks) - Complete TypeScript configuration and type checking - Auth module as self-contained submodule - Ready for development: bun run dev (port 3000) - All dependencies installed and tested Also: - Lock main branch with read-only settings in VS Code - Create .github/copilot-instructions.md with Monica persona - Initialize session logging system Status: Project ready for feature development
2.4 KiB
2.4 KiB
Auth Module
Universal, pattern-based authentication token management for multi-auth scenarios.
Overview
The Auth module provides a standardized interface for managing authentication tokens across different providers (PocketBase, Microsoft Graph) and auth flows (delegated, app-only).
Key Features
- Pattern-based configuration: Enable only the auth flows you need (
pb,graph,pb+graph) - Unified token storage: All tokens stored in localStorage under consistent keys
- Type-safe: Full TypeScript support with explicit token types
- Modular: Works standalone; extend or integrate with larger auth systems
- No dependencies: Uses browser APIs only (localStorage, optional PocketBase SDK)
Quick Start
Basic Usage
import Auth from './auth.ts';
// Initialize with pattern and optional config
await Auth.configure('pb+graph', {
pbUrl: 'http://localhost:8090',
graphApiUrl: 'https://graph.microsoft.com/v1.0'
});
// Get a token
const pbUserToken = Auth.getToken('pb-user');
const graphToken = Auth.getToken('graph-user');
// Set a token
Auth.setToken('graph-user', 'access_token_here');
// Clear specific token
Auth.clearToken('pb-user');
// Clear all tokens
Auth.clearAllTokens();
Token Types
pb-user: PocketBase user authentication tokenpb-agent: PocketBase service account tokengraph-user: Microsoft Graph delegated token (on behalf of user)graph-agent: Microsoft Graph app-only token (service principal)
Configuration
interface AuthConfig {
pbUrl?: string; // PocketBase URL (default: http://127.0.0.1:8090)
graphApiUrl?: string; // Graph API URL (not required for token storage)
}
Security Considerations
- Tokens are stored in plaintext in
localStorage - Never store highly sensitive credentials in browser localStorage
- For production: consider using secure HTTP-only cookies via backend
- Implement token refresh logic before expiration
- Clear tokens on logout
File Structure
auth/
├── auth.ts # Main module (TypeScript)
├── auth-test.html # Test/demo HTML
└── README.md # This file
Testing
Open auth-test.html in a browser to test the module functionality.
Future Enhancements
- Token refresh logic
- Expiration tracking
- Secure storage option (HTTP-only cookies via backend)
- Multiple identity provider support
- Event emitters for token changes