A module for logging into Cognito for use with ServisBOT apps.
The instantiation of the SB Auth module requires the cookiejar url, and a fetch function.
const fetch = require("node-fetch");
const { SBAuth } = require("@servisbot/sb-auth");
const SBAuthLib = SBAuth(fetch);
const sbAuth = new SBAuthLib({
cookiejarUrl: "cookiejar.com",
});In all functions the returned object contains a key result, which if 'FAILURE' will include another key message detailing the nature of the failure.
An example of logging a user in and getting back the jwt
const fetch = require("node-fetch");
const { SBAuth } = require("@servisbot/sb-auth");
const SBAuthLib = SBAuth(fetch);
const organization = "flowit";
const username = "some@email.com";
const password = "myPassword";
const sbAuth = new SBAuthLib({
cookiejarUrl: "cookiejar.com",
});
const loginAttempt = await sbAuth.login(organization, username, password);
if (loginAttempt.result === "SUCCESS") {
const jwt = await loginAttempt.user.getToken();
//continue with jwt
}User also has a getExpiresAt and a getUsername function
Similar to a regular login, instead of a success from the login you may get MFA_REQUIRED along with a session. You can then call respondToMFAChallenge with the required token.
let loginAttempt = await sbAuth.login(organization, username, password);
if (loginAttempt.result === "MFA_REQUIRED") {
// do whatever logic is needed to get an MFA token for this user
// then call respondToMFAChallenge, using the session from the previous attempt
loginAttempt = await sbAuth.respondToMFAChallenge(
organization,
username,
loginAttempt.session,
mfaToken
);
if (loginAttempt.result === "SUCCESS") {
const jwt = await loginAttempt.user.getToken();
//continue with jwt
}
}Similar to a regular login, instead of a success from the login you may get NEW_PASSWORD_REQUIRED along with a session. You can then call respondToPasswordResetChallenge with a new password and the session.
let loginAttempt = await sbAuth.login(organization, username, password);
if (loginAttempt.result === "NEW_PASSWORD_REQUIRED") {
//get the new password and pin from the user
loginAttempt = await sbAuth.respondToPasswordResetChallenge(
organization,
username,
newPassword,
pin
);
if (loginAttempt.result === "SUCCESS") {
const jwt = await loginAttempt.user.getToken();
//continue with jwt
}
}Logging in a user with SSO is similar to the regular login, but requiring the SSO creds instead of username/password
const fetch = require("node-fetch");
const { SBAuth } = require("@servisbot/sb-auth");
const SBAuthLib = SBAuth(fetch);
const organization = "flowit";
const code = "myCode";
const codeVerifier = "someCodeVerifier";
const redirectUri = "console.servisbot.com";
const sbAuth = new SBAuthLib({
cookiejarUrl: "cookiejar.com",
});
let loginAttempt = await sbAuth.loginSSO(
organization,
code,
codeVerifier,
redirectUri
);
if (loginAttempt.result === "SUCCESS") {
const jwt = await loginAttempt.user.getToken();
//continue with jwt
}It is possible to request a password reset for a user as follows
const fetch = require("node-fetch");
const { SBAuth } = require("@servisbot/sb-auth");
const SBAuthLib = SBAuth(fetch);
const sbAuth = new SBAuthLib({
cookiejarUrl: "cookiejar.com",
});
const organization = "flowit";
const username = "myuser@email.com";
let resetAttempt = await sbAuth.requestPasswordReset(organization, username);
if (resetAttempt.result === "SUCCESS") {
//the password was succesfully reset
}const fetch = require("node-fetch");
const { SBAuth } = require("@servisbot/sb-auth");
const SBAuthLib = SBAuth(fetch);
const sbAuth = new SBAuthLib({
cookiejarUrl: "cookiejar.com",
});
const organization = "flowit";
const username = "myuser@email.com";
await sbAuth.logout(organization);Similar to a regular login, instead of a success from the login you may get NEW_PASSWORD_REQUIRED along with a session. You can then call respondToCompleteNewPasswordChallenge with the required token, to set a new password for the user
let loginAttempt = await sbAuth.login(organization, username, password);
if (loginAttempt.result === "NEW_PASSWORD_REQUIRED") {
// do whatever logic is needed to get an MFA token for this user
// then call respondToMFAChallenge, using the session from the previous attempt
loginAttempt = await sbAuth.respondToMFAChallenge(
organization,
username,
loginAttempt.session,
newPassword
);
if (resetAttempt.result === "SUCCESS") {
//the password was succesfully reset
}
}Refreshes a token from the http cookie
const fetch = require("node-fetch");
const { SBAuth } = require("@servisbot/sb-auth");
const SBAuthLib = SBAuth(fetch);
const sbAuth = new SBAuthLib({
cookiejarUrl: "cookiejar.com",
});
const organization = "flowit";
const response = await sbAuth.refreshToken(organization);
// Successful response
const response = {
result: 'SUCCESS',
user: {
"jwt": "some jwt", // New JWT
"jwtExpiresAt": 1720106966000, // JWT expire epoch time
"refreshTokenValidity": 120, // JWT expire duration in minutes
"username": "some@email.com", // Username of the authenticated user
}
}
// Network failure response
const response = {
result: 'INTERNAL_SERVER_ERROR',
message: 'Bad response from cookiejar'
}
// Invalid request response
const response = {
result: 'INVALID_REQUEST_ERROR',
message: 'Some error message'
}