Theo's Typesafe Cult•5mo ago

Auth Library Suggestions

I’m currently developing a iOS app in Swift and I’m trying to use a WebAuth session, however it seems nextauth does not work with a native swift app. Any suggestions on what to use instead?

7 Replies

Neto•5mo ago

is the client a "dumb " client with a js/ts backend?

HelixOP•5mo ago

The web end will be yes (besides having other functionality besides just auth), the on device is native swift.

Neto•5mo ago

lucia then

Neto•5mo ago

https://lucia-auth.com/guides/validate-bearer-tokens

Lucia

Validate bearer tokens

Lucia is an open source auth library that abstracts away the complexity of handling sessions.

Neto•5mo ago

a length-y message but should help you Generate a basic lucia config

// src/lib/auth.ts
import { Lucia, TimeSpan } from "lucia";
import { BetterSqlite3Adapter } from "@lucia-auth/adapter-sqlite";
import sqlite from "better-sqlite3";

export const db = sqlite("luciaa.db", {});

const adapter = new BetterSqlite3Adapter(db, {
  user: "user",
  session: "session",
});

export const lucia = new Lucia(adapter, {
  sessionExpiresIn: new TimeSpan(2, "w"),
});

declare module "lucia" {
  interface Register {
    Lucia: typeof lucia;
    DatabaseSessionAttributes: DatabaseSessionAttributes;
  }

  interface DatabaseSessionAttributes {}
}

// src/lib/auth.ts
import { Lucia, TimeSpan } from "lucia";
import { BetterSqlite3Adapter } from "@lucia-auth/adapter-sqlite";
import sqlite from "better-sqlite3";

export const db = sqlite("luciaa.db", {});

const adapter = new BetterSqlite3Adapter(db, {
  user: "user",
  session: "session",
});

export const lucia = new Lucia(adapter, {
  sessionExpiresIn: new TimeSpan(2, "w"),
});

declare module "lucia" {
  interface Register {
    Lucia: typeof lucia;
    DatabaseSessionAttributes: DatabaseSessionAttributes;
  }

  interface DatabaseSessionAttributes {}
}

Somewhere else, manage user and create session

// src/actions/some-action,ts
import { action } from "@solidjs/router";
import { generateId } from "lucia";
import { db, lucia } from "~/lib/auth";

export const generateToken = action(async () => {
  "use server";

  // can be whatever you want here
  const id = generateId(16);
  const stmt = db.prepare("insert into user (id) values (@id)");
  stmt.run({ id });

  // id should referente the user id from somewhere else
  return lucia.createSession(id, {});
}, "generate-token");

// src/actions/some-action,ts
import { action } from "@solidjs/router";
import { generateId } from "lucia";
import { db, lucia } from "~/lib/auth";

export const generateToken = action(async () => {
  "use server";

  // can be whatever you want here
  const id = generateId(16);
  const stmt = db.prepare("insert into user (id) values (@id)");
  stmt.run({ id });

  // id should referente the user id from somewhere else
  return lucia.createSession(id, {});
}, "generate-token");

How to get the user?

// src/middleware.ts
import { createMiddleware } from "@solidjs/start/middleware";
import { getHeader } from "vinxi/http";
import { lucia } from "./lib/auth";

export default createMiddleware({
  onRequest: async (event) => {
    // the `Authorization: Bearer <sessionId>` is sent from the swift app
    const authorizationHeader = event.request.headers.get("Authorization");
    const sessionId = lucia.readBearerToken(authorizationHeader ?? "");
    if (!sessionId) {
      console.log("invalid session");
      return;
    }

    const { session, user } = await lucia.validateSession(sessionId);

    console.log({ session, user });
  },
});

// src/middleware.ts
import { createMiddleware } from "@solidjs/start/middleware";
import { getHeader } from "vinxi/http";
import { lucia } from "./lib/auth";

export default createMiddleware({
  onRequest: async (event) => {
    // the `Authorization: Bearer <sessionId>` is sent from the swift app
    const authorizationHeader = event.request.headers.get("Authorization");
    const sessionId = lucia.readBearerToken(authorizationHeader ?? "");
    if (!sessionId) {
      console.log("invalid session");
      return;
    }

    const { session, user } = await lucia.validateSession(sessionId);

    console.log({ session, user });
  },
});

User + session

{
  session: {
    id: '...',
    userId: '...',
    fresh: false,
    expiresAt:'...'
  },
  user: { id: '5ousce3a3zkpixg1' }
}

{
  session: {
    id: '...',
    userId: '...',
    fresh: false,
    expiresAt:'...'
  },
  user: { id: '5ousce3a3zkpixg1' }
}

HelixOP•5mo ago

I've got lucia pretty much setup, but the ASWebAuthenticationSession is looking for a callback url, which I dont seem to be getting.

HelixOP•5mo ago

https://gist.github.com/cnbrown04/4ad240958c5746f0b936d90c4e18c0b5 this is that swift code.

Gist

ContentView.swift

GitHub Gist: instantly share code, notes, and snippets.

Gaming

Programming

Auth Library Suggestions