The register() method is used to register a new user in the system. It typically requires user credentials such as email, password, and other required details, as defined in the config.json file, including props like username, password, and any additional custom fields specified. Upon successful registration, the system will trigger the "register" event, and the user will receive a token.
The login() method is used when a registered user wants to authenticate themselves. It requires the user to provide their credentials (e.g., email and password). Upon successful login, the system will trigger the "login" event, and the user will receive an authentication token for future requests.
The logout() method is used to log the user out of the system. It clears any active authentication tokens and triggers the "logout" event. After a successful logout, the user will no longer be authenticated, and any further requests requiring authentication will be denied unless the user logs in again.
This event handler listens for authentication-related actions, including register, login, and logout.
client.auth().on(["register", "login", "logout"], token => { /* Store the token in localStorage for future use, such as when the client refreshes the page. */ })The best approach is to store the access token in memory and the refresh token in an HTTP-only cookie. If the request is sent from the browser, noonjs automatically stores the refresh token in the HTTP-only cookie.
The "noonjs" token generally contains both access and refresh tokens. However, if the request is sent from a browser environment, the token object only includes the access token, while the refresh token is stored in an HTTP-only cookie. The access token contains the _id and permissions, while the refresh token only contains the _id.
{
access: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
The noonjs client manages the token for its own needs, storing it in memory for subsequent REST calls and socket communication. When the client is created, it depends on the environment and requires an initial token if the user is returning.
The noonjs client automatically handles refresh token management when the access token expires. It retrieves a new token by calling the /auth/refresh endpoint with the credentials, so no further action is needed.