Authentication
User Password Authentication
Loco
simplifies the user authentication process, allowing you to set up a new website quickly. This feature not only saves time but also provides the flexibility to focus on crafting the core logic of your application.
Authentication Configuration
The auth
feature comes as a default with the library. If desired, you can turn it off and handle authentication manually.
Getting Started with a SaaS App
Create your app using the loco-cli and select the SaaS app (with DB and user auth)
option.
To explore the out-of-the-box auth controllers, run the following command:
Registering a New User
The /api/auth/register
endpoint creates a new user in the database with an email_verification_token
for account verification. A welcome email is sent to the user with a verification link.
Example Curl Request:
For security reasons, if the user is already registered, no new user is created, and a 200 status is returned without exposing user email details.
Login
After registering a new user, use the following request to log in:
Example Curl Request:
The response includes a JWT token for authentication, user ID, name, and verification status.
{
}
- Token: A JWT token enabling requests to authentication endpoints. Refer to the configuration documentation to customize the default token expiration and ensure that the secret differs between environments.
- pid - A unique identifier generated when creating a new user.
- Name - The user's name associated with the account.
- Is Verified - A flag indicating whether the user has verified their account.
Account Verification
Upon user registration, an email with a verification link is sent. Visiting this link updates the email_verified_at
field in the database, changing the is_verified
flag in the login response to true.
Example Curl request:
Reset Password Flow
Forgot Password
The forgot
endpoint requires only the user's email in the payload. An email is sent with a reset password link, and a reset_token
is set in the database.
Example Curl request:
Reset Password
To reset the password, send the token generated in the forgot
endpoint along with the new password.
Example Curl request:
Get current user
This endpoint is protected by auth middleware.
Creating an Authenticated Endpoint
To establish an authenticated endpoint, import controller::middleware
from the loco_rs
library and incorporate the auth middleware into the function endpoint parameters.
Consider the following example in Rust:
use ;
use ;
async
API Authentication
Creating new app
For this time, let create your rest app using the loco-cli and select the Rest app
option.
To create new app, run the following command and follow the instructions:
To explore the out-of-the-box auth controllers, run the following command:
Registering new user
The /api/auth/register
endpoint creates a new user in the database with an api_key
for request authentication. api_key
will be used for authentication in the future requests.
Example Curl Request:
After registering a new user, make sure you see the api_key
in the database for the new user.
Creating an Authenticated Endpoint with API Authentication
To set up an API-authenticated endpoint, import controller::middleware
from the loco_rs library and include the auth middleware in the function endpoint parameters using middleware::auth::ApiToken
.
Consider the following example in Rust:
use *;
use middleware;
use crate::;
async
Requesting an API Authenticated Endpoint
To request an authenticated endpoint, you need to pass the API_KEY
in the Authorization
header.
Example Curl Request:
If the API_KEY
is valid, you will get the response with the user details.