ScalixScalix Docs

Auth SDK (TypeScript)

Client-side authentication helpers for web and React apps

Install

bash
npm install @scalix-world/auth

Initialize

typescript
import { ScalixAuthClient } from "@scalix-world/auth";
 
const auth = new ScalixAuthClient({
  url: "https://api.scalix.world",
});

Sign Up

typescript
const { user, session } = await auth.signUp(
  "user@example.com",
  "secure-password",
  { name: "Alice" }
);

Sign In

typescript
const { user, session } = await auth.signInWithPassword(
  "user@example.com",
  "secure-password"
);
 
console.log(session.access_token);

OAuth

typescript
const { url } = await auth.signInWithOAuth("google", "https://myapp.com/callback");
window.location.href = url;

Supported providers: google, github.

Get Current User

typescript
const user = await auth.getUser();
if (user) {
  console.log(user.email);
}

Sign Out

typescript
await auth.signOut();

Token Refresh

The SDK automatically refreshes access tokens before they expire. To listen for state changes:

typescript
const { unsubscribe } = auth.onAuthStateChange((event, session) => {
  console.log(event); // 'SIGNED_IN' | 'SIGNED_OUT' | 'TOKEN_REFRESHED' | 'USER_UPDATED'
});

MFA

typescript
// Enroll
const factor = await auth.enrollMfa("totp", "My Phone");
// Display factor.totp.qr_code to user
 
// Verify
await auth.verifyMfa(factor.id, "123456");
 
// Challenge (during login)
const result = await auth.challengeMfa(factorId, "123456");

Additional Methods

typescript
// Anonymous sign-in
await auth.signInAnonymously();
 
// Magic link
await auth.signInWithMagicLink("user@example.com");
 
// OTP
await auth.signInWithOtp("+1234567890");
await auth.verifyOtp("+1234567890", "123456");
 
// Update user
await auth.updateUser({ data: { name: "Alice Smith" } });
 
// Refresh session manually
await auth.refreshSession();

React Hook (example)

typescript
function useAuth() {
  const [user, setUser] = useState<User | null>(null);
 
  useEffect(() => {
    auth.getUser().then(setUser);
    const { unsubscribe } = auth.onAuthStateChange((event, session) => {
      if (event === "SIGNED_OUT") setUser(null);
      else auth.getUser().then(setUser);
    });
    return unsubscribe;
  }, []);
 
  return { user, signIn: auth.signInWithPassword, signOut: auth.signOut };
}