Authentication
Solobase provides a complete authentication system with JWT tokens, OAuth providers, user management, and secure session handling. Learn how to implement authentication in your applications.
Overview
Solobase authentication is built on industry standards and provides everything you need to secure your application. It's fully compatible with Supabase's authentication API, so you can use the same patterns and methods.
JWT Tokens
Secure, stateless authentication with JSON Web Tokens
User Management
Complete user lifecycle management and profiles
OAuth Support
Sign in with Google, GitHub, and other providers
Session Management
Automatic token refresh and session persistence
Quick Start
Initialize the Client
JavaScript
import { createClient } from 'solobase-js'
const solobase = createClient('https://your-solobase.com')
// Listen to auth changes
solobase.auth.onAuthStateChange((event, session) => {
console.log(event, session)
})Sign Up
const { data, error } = await solobase.auth.signUp({
email: 'user@example.com',
password: 'securepassword123',
options: {
data: {
first_name: 'John',
last_name: 'Doe'
}
}
})
if (error) {
console.error('Signup error:', error.message)
} else {
console.log('User created:', data.user)
console.log('Session:', data.session)
}Sign In
const { data, error } = await solobase.auth.signInWithPassword({
email: 'user@example.com',
password: 'securepassword123'
})
if (error) {
console.error('Login error:', error.message)
} else {
console.log('Logged in:', data.user)
}User Management
Get Current User
// Get current user
const { data: { user } } = await solobase.auth.getUser()
if (user) {
console.log('Current user:', user)
} else {
console.log('No user logged in')
}Update User
const { data, error } = await solobase.auth.updateUser({
email: 'newemail@example.com',
password: 'newpassword123',
data: {
username: 'johndoe',
avatar_url: 'https://example.com/avatar.jpg'
}
})
if (error) {
console.error('Update error:', error.message)
} else {
console.log('User updated:', data.user)
}Sign Out
const { error } = await solobase.auth.signOut()
if (error) {
console.error('Logout error:', error.message)
} else {
console.log('Successfully logged out')
}OAuth Authentication
Solobase supports OAuth authentication with popular providers like Google, GitHub, and more. This allows users to sign in using their existing accounts.
Google OAuth
const { data, error } = await solobase.auth.signInWithOAuth({
provider: 'google',
options: {
redirectTo: 'https://yourapp.com/callback',
scopes: 'email profile'
}
})
if (error) {
console.error('OAuth error:', error.message)
} else {
// User will be redirected to Google
console.log('Redirecting to OAuth provider...')
}GitHub OAuth
const { data, error } = await solobase.auth.signInWithOAuth({
provider: 'github',
options: {
redirectTo: 'https://yourapp.com/callback'
}
})OAuth Configuration Required
You need to configure OAuth providers in your Solobase server settings with the appropriate client IDs and secrets.
Session Management
Get Session
const { data: { session } } = await solobase.auth.getSession()
if (session) {
console.log('Access token:', session.access_token)
console.log('Refresh token:', session.refresh_token)
console.log('Expires at:', session.expires_at)
} else {
console.log('No active session')
}Refresh Session
const { data, error } = await solobase.auth.refreshSession()
if (error) {
console.error('Refresh error:', error.message)
} else {
console.log('Session refreshed:', data.session)
}Listen to Auth Changes
const { data: { subscription } } = solobase.auth.onAuthStateChange(
(event, session) => {
switch (event) {
case 'INITIAL_SESSION':
// Initial session loaded
break
case 'SIGNED_IN':
console.log('User signed in:', session.user)
break
case 'SIGNED_OUT':
console.log('User signed out')
break
case 'PASSWORD_RECOVERY':
console.log('Password recovery initiated')
break
case 'TOKEN_REFRESHED':
console.log('Token refreshed')
break
case 'USER_UPDATED':
console.log('User updated:', session.user)
break
}
}
)
// Unsubscribe when component unmounts
// subscription.unsubscribe()Password Reset
Request Password Reset
const { data, error } = await solobase.auth.resetPasswordForEmail({
email: 'user@example.com',
options: {
redirectTo: 'https://yourapp.com/reset-password'
}
})
if (error) {
console.error('Password reset error:', error.message)
} else {
console.log('Password reset email sent')
}Update Password
const { data, error } = await solobase.auth.updateUser({
password: 'newpassword123'
})
if (error) {
console.error('Password update error:', error.message)
} else {
console.log('Password updated successfully')
}React Integration Example
Here's a complete example of how to integrate Solobase authentication in a React application:
useAuth.js - Custom Hook
import { useState, useEffect } from 'react'
import { createClient } from 'solobase-js'
const solobase = createClient('https://your-solobase.com')
export function useAuth() {
const [user, setUser] = useState(null)
const [loading, setLoading] = useState(true)
useEffect(() => {
// Get initial session
solobase.auth.getSession().then(({ data: { session } }) => {
setUser(session?.user ?? null)
setLoading(false)
})
// Listen for auth changes
const { data: { subscription } } = solobase.auth.onAuthStateChange(
(_event, session) => {
setUser(session?.user ?? null)
setLoading(false)
}
)
return () => subscription.unsubscribe()
}, [])
const signUp = async (email, password) => {
const { data, error } = await solobase.auth.signUp({
email,
password
})
return { data, error }
}
const signIn = async (email, password) => {
const { data, error } = await solobase.auth.signInWithPassword({
email,
password
})
return { data, error }
}
const signOut = async () => {
const { error } = await solobase.auth.signOut()
return { error }
}
return {
user,
loading,
signUp,
signIn,
signOut
}
}App.jsx - Usage Example
import { useAuth } from './useAuth'
function App() {
const { user, loading, signIn, signUp, signOut } = useAuth()
const [email, setEmail] = useState('')
const [password, setPassword] = useState('')
if (loading) {
return <div>Loading...</div>
}
if (!user) {
return (
<div className="auth-form">
<h2>Sign In to Your Account</h2>
<form onSubmit={async (e) => {
e.preventDefault()
const { error } = await signIn(email, password)
if (error) alert(error.message)
}}>
<input
type="email"
placeholder="Email"
value={email}
onChange={(e) => setEmail(e.target.value)}
required
/>
<input
type="password"
placeholder="Password"
value={password}
onChange={(e) => setPassword(e.target.value)}
required
/>
<button type="submit">Sign In</button>
</form>
<button onClick={async () => {
const { error } = await signUp(email, password)
if (error) alert(error.message)
}}>
Sign Up Instead
</button>
</div>
)
}
return (
<div className="app">
<h1>Welcome, {user.email}!</h1>
<button onClick={signOut}>Sign Out</button>
{/* Your authenticated app content */}
</div>
)
}Security Best Practices
Strong Password Requirements
Implement strong password policies on both client and server side. Require minimum length, complexity, and consider rate limiting.
Secure Token Storage
The SDK automatically handles secure token storage using httpOnly cookies and localStorage with appropriate fallbacks.
HTTPS in Production
Always use HTTPS in production to protect tokens and user data in transit. Configure your server with proper SSL certificates.
Next Steps
Now that you understand authentication, explore other Solobase features: