Passwords

Email and password login is a traditional authentication method where users provide a registered email address and a secure password to access an application.

It offers a straightforward setup for both developers and users, with the flexibility to incorporate password policies, multi-factor authentication, and password reset workflows.

While familiar to most users, this method requires robust security measures to protect against common threats like password breaches and phishing attacks.

You can see the implementation below

https://github.com/madewithnovel/novel/blob/main/app/auth/password.ts

https://github.com/madewithnovel/novel/blob/main/app/api/internal/v1/auth-strategy/index.ts

You can create a different Password flow by following this guide

Confugration

You will need to set up the after_login setting if you have changed the default page structure in Novel Web.

If you changed /web/app/(app)/dashboard to /web/app/(app)/apps for example, you will need to change the configuration in /config/auth.js .

/**
 * Override the redirects here with the custom pages that you have so you can reference
 * them easily in your server code.
 */
routes: {
	login: '/login',
	mfa: '/login/mfa',
	forget: '/login/forget',
	link: '/login/link',
	verify: '/mail/verify',
	signup: '/signup',
	
	logout: '/logout',
},

API

Auth by Strategy

post

Authenticate by strategy available to the application.

Path parameters
strategystringRequired
Body
emailstring · emailOptional
passwordstringOptional
Responses
200
Authentication successful. Redirecting to next step...
application/json
post
POST /auth/{strategy} HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 44

{
  "email": "[email protected]",
  "password": "text"
}
{
  "redirect_to": "text"
}

Auth Callback

get

Callback called by an authentication strategy available to the application.

Path parameters
strategystringRequired
Responses
301
Authentication successful. Redirecting to next step...
application/json
Responseany

Authentication successful. Redirecting to next step...

get
GET /auth/{strategy}/callback HTTP/1.1
Host: 
Accept: */*
301

Authentication successful. Redirecting to next step...

No content

Changelog

  • 2024-12-20 - Initial Documentation

Last updated

Was this helpful?