tensamin/tauth-sdk
6
0
Fork 0
Code Issues Pull requests Projects Releases 4 Packages Wiki Activity Actions
TypeScript SDK for TAuth
12 commits 1 branch 4 tags 103 KiB
  • TypeScript 72.7%
  • HTML 27.3%
Find a file
Exact
Alois 788f30eea4 (feat): add extra test
2026-05-23 23:01:39 +02:00
dist (feat): update createTTP function 2026-04-14 21:55:17 +02:00
src (feat): update createTTP function 2026-04-14 21:55:17 +02:00
test (feat): add extra test 2026-05-23 23:01:39 +02:00
.gitignore (feat): add first release 2026-04-14 00:58:38 +02:00
bun.lock (feat): add first release 2026-04-14 00:58:38 +02:00
LICENSE Initial commit 2026-04-12 12:10:08 +02:00
package.json (feat): update createTTP function 2026-04-14 21:55:17 +02:00
README.md (fix): bump version 2026-04-14 01:44:22 +02:00
tsconfig.build.json (feat): add first release 2026-04-14 00:58:38 +02:00
tsconfig.json (feat): add first release 2026-04-14 00:58:38 +02:00

README.md

TypeScript TAuth SDK

TypeScript SDK for TAuth-based login and explicit transport session management.

This SDK starts a local HTTP callback server, verifies a challenge, and gives you explicit control over TTP connections per userId:sessionId.

Requirements

  • A modern version of Bun
  • A domain with TXT record support
  • App x448 key pair (privateKey, publicKey) (can be generated)

Install

bun add https://git.methanium.net/tensamin/tauth-sdk/archive/0.0.3.tar.gz

Generate an app key pair

Use the built-in helper once and store the keys securely:

import { generateKeyPair } from "@tensamin/tauth-sdk";

const keys = generateKeyPair();
console.log(keys.private);
console.log(keys.public);

Add the TXT record

Add a TXT record at tauth.your.domain with your app public key as the value (base64 format). This is used to verify that your app is authorized for your domain.

Basic usage

import z from "zod";
import { TAuthClient } from "@tensamin/tauth-sdk";

const client = new TAuthClient({
  identifier: "my.cool.app",
  privateKey: "<APP_PRIVATE_KEY_BASE64>",
  publicKey: "<APP_PUBLIC_KEY_BASE64>",
  saveSession: async (userId, sessionId) => {
    // You must persist the session id yourself (for example in a database).
    // Treat the session id like a password!
    console.log("Save session", { userId, sessionId });
  },
  redirectUrl: "https://my.cool.app/callback", // This should be a public link proxying http://localhost:7878/callback
  appData: z.object({
    my: z.string(),
    cool: z.string(),
    data: z.string(),
  }),
  httpServer: {
    hostname: "localhost",
    port: 7878,
  },
});

Auth endpoints exposed by the SDK

  • GET /auth: Redirects user to TAuth frontend
  • GET /callback: Handles challenge flow and invokes your saveSession(userId, sessionId) callback

Connection management

  • Use client.createTTP(userId, sessionId, omikronUrl) when you want a persistent/manual TTP connection.
  • Use client.loadData(userId, sessionId) for loading user specific application data.
  • Use client.saveData(userId, sessionId) for saving user specific application data.

These endpoints need to be exposed behind some kind of http proxy to apply ssl