Last active
May 7, 2022 08:22
-
-
Save gr2m/5463426 to your computer and use it in GitHub Desktop.
Imagine the typical backend tasks for user authentication would exist right in the browser. How would the code look like? This is what I came up with. Forks & comments much appreciated! #nobackend #dreamcode
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// sign up | |
account.signUp('joe@example.com', 'secret'); | |
// sign in | |
account.signIn('joe@example.com', 'secret'); | |
// sign in via oauth | |
account.signInWith('twitter'); | |
// sign out | |
account.signOut(); | |
// change password | |
account.changePassword('currentpassword', 'newpassword'); | |
// change username | |
account.changeUsername('currentpassword', 'newusername'); | |
// reset password | |
account.resetPassword('joe@example.com'); | |
// destroy account and all its data | |
account.destroy('currentpassword'); | |
// all methods could alternatively accept a parameter hash | |
// that would also allow for additional user info | |
account.signUp({ | |
username: 'joe2000', | |
password: 'secret', | |
birthday: '1984-05-09', | |
email: 'joe@example.com' | |
}); | |
// that would also allow for a general change method, | |
// that changeUsername or changePassword would simply | |
// be shortcuts for | |
account.change({ | |
birthday: '1984-05-09', | |
}); | |
account.change({ | |
username: 'joe3000', | |
password: 'secret' | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
something like u = User().email('a@b.c').password('').sudo() could give me a window.user and if pass is wrong, just send an email that allows to sign in once, or change password + autosignin in the other window. Omittting .password() would make the signin code attempt to use whatever browser or other APIs available and fallback to the email-as-login approach. If browser has multiple possibilities like Persona, Oauths, SQRL, then a stored cookie is used to record stats on how succesful the approaches have been, to avoid begging for Facebook Oauth from someone who never used it before, but show it immediately to one who exclusively prefers it.