Class: Backlex::Auth

Inherits:

Object

• Object
• Backlex::Auth

Defined in:

lib/backlex/auth.rb

Overview

Auth surface. In app mode (workspace set) calls target that workspace’s own auth pool (“/api/t/<slug>/auth/…”); otherwise the control plane.

Instance Method Summary

• #change_password(new_password, current_password, revoke_other_sessions: false) ⇒ Object

  Change the signed-in user’s password (requires the current password).

• #initialize(client) ⇒ Auth constructor

  A new instance of Auth.

• #list_sessions ⇒ Object

  List the signed-in user’s active sessions (one row per device/login).

• #providers ⇒ Object

  Public auth surface (provider list + policy flags).

• #refresh ⇒ Object

  Mint a fresh access JWT from the stored session token (app mode).

• #request_password_reset(email, redirect_to: nil) ⇒ Object

  Clear the session; in app mode also drops the captured token.

• #reset_password(new_password, token) ⇒ Object

  Complete a reset with the token from the email and a new password.

• #revoke_other_sessions ⇒ Object

  Revoke every session except the current one (sign out other devices).

• #revoke_session(token) ⇒ Object

  Revoke one session by its token (from #list_sessions).

• #revoke_sessions ⇒ Object

  Revoke all sessions, including the current one.

• #send_verification_email(email, callback_url: nil) ⇒ Object

  Send an email-verification link.

• #send_verification_otp(email, type: "sign-in") ⇒ Object

  Email a one-time numeric code (requires the email-otp provider).

• #session ⇒ Object

  Current session payload, or { “user” => nil }.

• #sign_in(email, password) ⇒ Object
• #sign_in_email_otp(email, otp) ⇒ Object

  Complete an email-OTP sign-in with the code from #send_verification_otp.

• #sign_in_magic_link(email, callback_url: nil) ⇒ Object

  Send a one-time sign-in link by email.

• #sign_in_social(provider, callback_url: nil, error_callback_url: nil) ⇒ Object

  Begin an OAuth sign-in; navigate the user to the returned URL.

• #sign_out ⇒ Object
• #sign_up(email, password, name = nil) ⇒ Object
• #token ⇒ Object

  Current workspace session token (app mode); persist and restore via Client.new(token:).

• #token=(value) ⇒ Object

  Restore a workspace session token (app mode).

• #update_user(attributes) ⇒ Object

  Update the signed-in user’s profile (e.g. name / image).

Constructor Details

#initialize(client) ⇒ Auth

Returns a new instance of Auth.

# File 'lib/backlex/auth.rb', line 9

def initialize(client)
  @client = client
end

Instance Method Details

#change_password(new_password, current_password, revoke_other_sessions: false) ⇒ Object

Change the signed-in user’s password (requires the current password).

# File 'lib/backlex/auth.rb', line 70

def change_password(new_password, current_password, revoke_other_sessions: false)
  @client.request("POST", "#{base}/change-password", {
                    "newPassword" => new_password,
                    "currentPassword" => current_password,
                    "revokeOtherSessions" => revoke_other_sessions
                  })
end

#list_sessions ⇒ Object

List the signed-in user’s active sessions (one row per device/login).

# File 'lib/backlex/auth.rb', line 101

def list_sessions
  @client.request("GET", "#{base}/list-sessions")
end

#providers ⇒ Object

Public auth surface (provider list + policy flags).

# File 'lib/backlex/auth.rb', line 121

def providers
  @client.request("GET", "#{base}/providers")["data"]
end

#refresh ⇒ Object

Mint a fresh access JWT from the stored session token (app mode).

# File 'lib/backlex/auth.rb', line 65

def refresh
  @client.request("POST", "#{base}/token/refresh", { "refreshToken" => @client.app_token })
end

#request_password_reset(email, redirect_to: nil) ⇒ Object

Clear the session; in app mode also drops the captured token. Send a password-reset email. redirect_to is the link target.

# File 'lib/backlex/auth.rb', line 53

def request_password_reset(email, redirect_to: nil)
  body = { "email" => email }
  body["redirectTo"] = redirect_to if redirect_to
  @client.request("POST", "#{base}/request-password-reset", body)
end

#reset_password(new_password, token) ⇒ Object

Complete a reset with the token from the email and a new password.

# File 'lib/backlex/auth.rb', line 60

def reset_password(new_password, token)
  @client.request("POST", "#{base}/reset-password", { "newPassword" => new_password, "token" => token })
end

#revoke_other_sessions ⇒ Object

Revoke every session except the current one (sign out other devices).

# File 'lib/backlex/auth.rb', line 111

def revoke_other_sessions
  @client.request("POST", "#{base}/revoke-other-sessions")
end

#revoke_session(token) ⇒ Object

Revoke one session by its token (from #list_sessions).

# File 'lib/backlex/auth.rb', line 106

def revoke_session(token)
  @client.request("POST", "#{base}/revoke-session", { "token" => token })
end

#revoke_sessions ⇒ Object

Revoke all sessions, including the current one.

# File 'lib/backlex/auth.rb', line 116

def revoke_sessions
  @client.request("POST", "#{base}/revoke-sessions")
end

#send_verification_email(email, callback_url: nil) ⇒ Object

Send an email-verification link.

# File 'lib/backlex/auth.rb', line 84

def send_verification_email(email, callback_url: nil)
  body = { "email" => email }
  body["callbackURL"] = callback_url if callback_url
  @client.request("POST", "#{base}/send-verification-email", body)
end

#send_verification_otp(email, type: "sign-in") ⇒ Object

Email a one-time numeric code (requires the email-otp provider). type is “sign-in” (default), “email-verification” or “forget-password”. Complete a sign-in with #sign_in_email_otp.

# File 'lib/backlex/auth.rb', line 41

def send_verification_otp(email, type: "sign-in")
  @client.request("POST", "#{base}/email-otp/send-verification-otp", { "email" => email, "type" => type })
end

#session ⇒ Object

Current session payload, or { “user” => nil }.

# File 'lib/backlex/auth.rb', line 96

def session
  @client.request("GET", "#{base}/get-session")
end

#sign_in(email, password) ⇒ Object

# File 'lib/backlex/auth.rb', line 19

def sign_in(email, password)
  capture(@client.request("POST", "#{base}/sign-in/email", { "email" => email, "password" => password }))
end

#sign_in_email_otp(email, otp) ⇒ Object

Complete an email-OTP sign-in with the code from #send_verification_otp. In app mode the returned session token is captured.

# File 'lib/backlex/auth.rb', line 47

def sign_in_email_otp(email, otp)
  capture(@client.request("POST", "#{base}/sign-in/email-otp", { "email" => email, "otp" => otp }))
end

#sign_in_magic_link(email, callback_url: nil) ⇒ Object

Send a one-time sign-in link by email.

# File 'lib/backlex/auth.rb', line 32

def sign_in_magic_link(email, callback_url: nil)
  body = { "email" => email }
  body["callbackURL"] = callback_url if callback_url
  @client.request("POST", "#{base}/sign-in/magic-link", body)
end

#sign_in_social(provider, callback_url: nil, error_callback_url: nil) ⇒ Object

Begin an OAuth sign-in; navigate the user to the returned URL.

# File 'lib/backlex/auth.rb', line 24

def sign_in_social(provider, callback_url: nil, error_callback_url: nil)
  body = { "provider" => provider, "disableRedirect" => true }
  body["callbackURL"] = callback_url if callback_url
  body["errorCallbackURL"] = error_callback_url if error_callback_url
  @client.request("POST", "#{base}/sign-in/social", body)
end

#sign_out ⇒ Object

# File 'lib/backlex/auth.rb', line 90

def sign_out
  @client.request("POST", "#{base}/sign-out")
  @client.app_token = nil if workspace?
end

#sign_up(email, password, name = nil) ⇒ Object

# File 'lib/backlex/auth.rb', line 13

def sign_up(email, password, name = nil)
  body = { "email" => email, "password" => password }
  body["name"] = name if name
  capture(@client.request("POST", "#{base}/sign-up/email", body))
end

#token ⇒ Object

Current workspace session token (app mode); persist and restore via Client.new(token:).

# File 'lib/backlex/auth.rb', line 126

def token
  @client.app_token
end

#token=(value) ⇒ Object

Restore a workspace session token (app mode).

# File 'lib/backlex/auth.rb', line 131

def token=(value)
  @client.app_token = value
end

#update_user(attributes) ⇒ Object

Update the signed-in user’s profile (e.g. name / image).

# File 'lib/backlex/auth.rb', line 79

def update_user(attributes)
  @client.request("POST", "#{base}/update-user", attributes)
end