🔐 Authentication Blocks

Authentication blocks provide comprehensive functionality for user authentication and authorization in Nodeblocks applications. These blocks handle authentication flows including OAuth, email/password, email verification, and session management.

---

🎯 Overview

Authentication blocks are designed to:

• Support multiple authentication methods (OAuth, email/password)
• Handle email verification and confirmation workflows
• Manage user sessions and security tokens
• Provide secure authentication with device fingerprinting
• Enable flexible registration with various validation options

---

📦 Block Types

🔍 Schemas

JSON Schema definitions for authentication data validation:

• providerSchema: OAuth provider authentication
• credentialsSchema: Email/password authentication
• identitySchema: Flexible authentication with multiple methods
• loginWithCredentialsSchema: Login validation with fingerprinting
• registerCredentialsSchema: User registration validation
• sendVerificationEmailSchema: Email verification requests
• confirmEmailSchema: Email confirmation with tokens
• changeEmailSchema: Email change validation
• checkTokenSchema: Token validation with target context
• confirmNewEmailSchema: New email confirmation validation
• sendResetPasswordLinkEmailSchema: Password reset email validation
• passwordSchema: Password field validation (length/pattern)
• changePasswordSchema: Change password validation
• completePasswordResetSchema: Reset password completion validation
• activateSchema: Account activation validation
• deactivateSchema: Account deactivation validation

View Authentication Schema Blocks →

⚙️ Handlers

Core business logic for authentication operations:

• loginWithCredentials: User authentication with credentials
• createAccessToken: Access token generation
• createRefreshToken: Refresh token generation
• setResponseCookie: Sets auth cookies in response
• logout: Session termination and cleanup
• registerCredentials: User account creation
• sendVerificationEmail: Email verification sending
• confirmEmail: Email confirmation processing
• buildCheckConfirmEmailTokenPayload: Prepares check token payload for confirm-email
• changeEmail: Email change initiation
• checkToken: Token validation processing
• confirmNewEmail: New email confirmation processing
• sendResetPasswordLinkEmail: Password reset email sending
• refreshToken: Access token refresh using refresh token with enhanced security
• deleteToken: Token deletion (admin)
• softDeleteRefreshTokens: Soft delete refresh tokens for identity management
• loginWithOnetimeToken: Authenticate with OTT
• generateOnetimeToken: Generate OTT (admin)
• restoreOnetimeToken: Restore OTT (admin)
• invalidateOnetimeToken: Invalidate OTT (admin)
• changePassword: Password change processing
• activate: Account activation processing
• deactivate: Account deactivation processing
• completePasswordReset: Password reset completion processing

View Authentication Handler Blocks →

🛣️ Routes

HTTP endpoint definitions for authentication operations:

• loginWithCredentialsRoute: POST /auth/login with authentication handler
• logoutRoute: POST /auth/logout with session termination
• refreshTokenRoute: POST /auth/token/refresh with access token refresh
• registerCredentialsRoute: POST /auth/register with account creation
• sendVerificationEmailRoute: POST /auth/:identityId/send-verification-email with email sending
• confirmEmailRoute: POST /auth/confirm-email with token processing
• changeEmailRoute: PATCH /auth/:identityId/change-email with email update processing
• checkTokenRoute: POST /auth/token/check with token validation handler
• deleteRefreshTokensRoute: DELETE /auth/:identityId/refresh-tokens with authentication and access validation
• loginWithOnetimeTokenRoute: GET /auth/ott/login with OTT authentication
• generateOnetimeTokenRoute: POST /auth/ott/generate with OTT generation (admin)
• restoreOnetimeTokenRoute: POST /auth/ott/restore with OTT restore (admin)
• invalidateOnetimeTokenRoute: POST /auth/ott/invalidate with OTT invalidation (admin)
• confirmNewEmailRoute: POST /auth/confirm-new-email with new email verification
• sendResetPasswordLinkEmailRoute: POST /auth/send-reset-password-link-email with password reset email sending
• changePasswordRoute: PATCH /auth/:identityId/change-password with password update processing
• activateRoute: POST /auth/activate with account activation processing
• deactivateRoute: POST /auth/deactivate with account deactivation processing
• completePasswordResetRoute: POST /auth/reset-password with password update

View Authentication Route Blocks →

🚀 Features

Complete authentication management features combining schemas, routes, and handlers:

• loginWithCredentialsFeature: User authentication with validated credentials and secure logout
• registerCredentialsFeature: User registration with credential validation and account creation
• emailVerificationFeature: Email verification request processing with device security
• confirmEmailFeature: Email confirmation token validation and account verification
• changeEmailFeature: Email change initiation with validation
• checkTokenFeature: Token validation with target context
• confirmNewEmailFeature: New email confirmation after email change
• sendResetPasswordLinkEmailFeature: Password reset email generation and sending
• changePasswordFeature: Password change with validation and hashing
• activateFeature: Account activation workflow
• deactivateFeature: Account deactivation workflow
• completePasswordResetFeature: Password reset completion workflow
• refreshTokenFeature: Token refresh feature with schema validation and routing for renewing access tokens
• deleteRefreshTokensFeature: Refresh token deletion feature with schema validation and routing for removing identity refresh tokens

View Authentication Feature Blocks →

✅ Validators

Validation functions for authentication operations:

• isAuthenticated: Validates authentication using configured authenticator
• verifyAuthentication: Validates authentication using provided authenticator function (deprecated)

View Authentication Validator Blocks →

🔧 Blocks

Pure business logic functions for authentication operations:

• Identity Management: User validation and email operations
• Token Management: Secure token lifecycle management
• Email Authentication: Verification and communication functionality
• Security Validation: Fingerprint tracking and request validation

View Authentication Blocks →

---

🔗 Related Documentation

• Authentication Schema Blocks - Authentication data validation and contracts
• Authentication Handler Blocks - Business logic and authentication operations
• Authentication Route Blocks - HTTP endpoint definitions
• Authentication Feature Blocks - Complete authentication management features
• Authentication Validator Blocks - Authentication validation functions
• Invitation Blocks - Related invitation management functionality