Authentication for your app. One line.
npm install stackureRequires Node.js 18+. ESM only.
import { auth } from 'stackure';
app.get('/admin', auth({ appId: 'my-app-id', roles: ['admin'] }), (req, res) => {
res.json({ user: req.user });
});- API requests get JSON errors
- Browser requests get redirected to sign-in
import { verify } from 'stackure';
const result = await verify({ appId: 'my-app-id', request: req });
if (!result.authenticated) {
return res.status(result.error.code).json(result.error);
}
res.json({ user: result.user });import { sendMagicLink } from 'stackure';
await sendMagicLink({ email: 'user@example.com', appId: 'my-app-id' });import { logout } from 'stackure';
await logout(req.headers.cookie);Set STACKURE_BASE_URL to point at a non-production environment:
STACKURE_BASE_URL=https://stage.stackure.com node app.jsAll thrown errors are StackureError. Switch on .code:
import { StackureError } from 'stackure';
try {
await sendMagicLink({ email });
} catch (err) {
if (err instanceof StackureError) {
// err.code is one of: "validation" | "auth" | "forbidden" | "timeout" | "network"
}
}Open a PR. Tag a release when ready: git tag vX.Y.Z && git push --tags — the release workflow builds, signs, and publishes.
Report vulnerabilities via GitHub Security Advisories. Releases ship with npm provenance (Sigstore-backed SLSA L3).
MIT