This package is made on mysql2
and next
. The functions exported here is treated as server side functions. This package is able to create connection with your MySQL database and handle user authentication.
Recommended to use inside
server components
oruse server
files.
Remember to add following at your .env.local
- CRYPTO_PASSWORD [optional]
- MYSQL_HOST
- MYSQL_USER
- MYSQL_PASSWORD
- MYSQL_DATABASE
Select queries
select({
user: { where: "(userId, password) IN (('123456789', 'P#@$%745458'))" },
});
// or
select({ user: { where: "rating>2000" } });
Update queries
update(
{ item: { price: 200, discount: 5 } },
{ where: "(itemId) IN (('IT78945'))" }
);
// or
update({ item: { price: 200, discount: 5 } }, { where: "price=300" });
Delete queries
del({ item: { where: "(itemId) IN (('IT78945'))" } });
// or
del({ item: { where: "price<10" } });
These queries only checks the equality of the given fields.
Select queries
select({ user: { userId: 123456789, password: "P#@$%745458" } });
Update queries
update({ item: { price: 200, discount: 5 } }, { itemId: "IT78945" });
Delete queries
del({ item: { itemId: "IT78945" } });
Insert queries
insert({ item: { itemId: "IT78945", price: 300, discount: 15 } });
You can directly executes any
SQL
queries including complex queries with theexecute
.
execute("SELECT ...");
execute("INSERT ...");
execute("UPDATE ...");
execute("DELETE ...");
Following functions are provided to handle authentication.
signin = async (userTable: Table): Promise<Tuple|undefined>
This function takes the user
table-name
andfield
information to check whether the given information exists inside database or not. If exists it returns thetuple
containing complete user information as defined by your user table of your database; otherwise returnsundefined
.
//_Examples are given here_
signin({ user: { id: "my-user-id", password: "my-password" } });
// or
signin({ user: { emailId: "my-user-id", password: "my-password" } });
//or
signin({ user: { emailId: "my-user-id", password: "my-password", active: 1 } });
You only need to invoke signout()
authCheck = async (): Promise<Tuple|undefined>
After successfully signed-in this function is invoked for every request to see whether the user is signed-in or not. If the user is authentic and signed-in user, then it returns the
tuple
containing complete user information as defined by your user table of your database; otherwise returnsundefined
.This function works only when the request is made directly from the user's browser.
authCheckFor = async ({sessionCipher, ip, agent}: BrowserClientAuth): Promise<Tuple|undefined>
This function works exactly same way as the above function
authCheck
. The only difference is that it allows themiddleware
to communicate with theapi
existing in the same server to validate the user authentication.Since
middleware
doesn't have access to full functionality of server, it sometimes useapi
call to get information from the server.
- At first
middleware
invokes thebrowserClientAuth
function.getBrowserClientAuth = async (): Promise<BrowserClientAuth | undefined>
.
const clientAuth = await getBrowserClientAuth();
- Then
middleware
usesfetch
oraxios
to invoke anauth check api
.
//Inside `middleware` this `api` is invoked
const response = await fetch("<api-url>", {
method: "POST",
body: JSON.stringify(clientAuth),
});
const userInfo = await response.json();
- Then the
api
, that may be declared as follows, usesauthCheckFor
to validate the end user authentication. and response the user information to themiddleware
.
//The `api` can be written as follows:
export async function POST(req: Request) {
const { sessionCipher, ip, agent } = await req.json();
const user = await authCheckFor({ sessionCipher, ip, agent });
return Response.json(user);
}