Authentication Flows with the Auth Provider
In this document, you'll learn about how the Auth Provider is used in an authentication flow.
How to Authenticate a User
To authenticate a user, you use the authenticate method of the Auth Module's main service (IAuthModuleService). For example:
This method calls the authenticate method of the specified provider and returns its data.
Learn about the parameters and return type of the IAuthModuleService's authenticate method in this reference.
Basic Authentication Flow
If the authenticate method returns the following object:
Then, the user is authenticated successfully, and their authentication details are available within the authUser object.
Learn more about the authUser in this guide.
Authentication with Third-Party Service Flow
If the authenticate method returns the following object:
It means the authentication process requires the user to perform an action with a third-party service. For example, when using the google provider, the user goes to the URL specified in the location's value to log in with their Google account.
validateCallback
Providers handling this authentication flow must implement the validateCallback method. It implements the logic to validate the authentication with the third-party service.
So, once the user performs the required action, the third-party service must redirect to an API route that uses the validateCallback method of the IAuthModuleService. The method calls the specified provider’s validateCallback method passing it the authentication details it received in the second parameter:
Learn more about the parameters and return type of the IAuthModuleService's validateCallback method in this reference.
If the authentication is successful, the auth provider’s validateCallback method returns the same data as the basic authentication:
