Package Exports
- stackure
Readme
Stackure JavaScript SDK
Authentication for your app. One line.
Install
npm install stackureRequires Node.js 18+. ESM only.
Protect a route
import { auth } from 'stackure';
app.get('/admin', auth({ appId: 'my-app-id', roles: ['admin'] }), (req, res) => {
res.json({ user: req.user });
});- API requests get JSON errors
- Browser requests get redirected to sign-in
Verify manually
import { verify } from 'stackure';
const result = await verify({ appId: 'my-app-id', request: req });
if (!result.authenticated) {
return res.status(result.error.code).json(result.error);
}
res.json({ user: result.user });Send a magic link
import { sendMagicLink } from 'stackure';
await sendMagicLink({ email: 'user@example.com', appId: 'my-app-id' });Log out
import { logout } from 'stackure';
await logout(req.headers.cookie);Configuration
Set STACKURE_BASE_URL to point at a non-production environment:
STACKURE_BASE_URL=https://stage.stackure.com node app.jsErrors
All thrown errors are StackureError. Switch on .code:
import { StackureError } from 'stackure';
try {
await sendMagicLink({ email });
} catch (err) {
if (err instanceof StackureError) {
// err.code is one of: "validation" | "auth" | "forbidden" | "timeout" | "network"
}
}Contributing
Open a PR. Tag a release when ready: git tag vX.Y.Z && git push --tags — the release workflow builds, signs, and publishes.
Security
Report vulnerabilities via GitHub Security Advisories. Releases ship with npm provenance (Sigstore-backed SLSA L3).
License
MIT