asyavee/medusa-store
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
8a5d9d04a3f52cf6bb6cabc144d2f4e4641e8b65
medusa-store/www/apps/resources/app/commerce-modules/auth/module-options/page.mdx
Shahed Nasser 72b57e2ae4 docs: rename auth user to auth identity (#7400) 
* docs: rename auth user to auth identity

* updated protected routes guide

* Update www/apps/resources/app/commerce-modules/auth/examples/page.mdx

Co-authored-by: Stevche Radevski <sradevski@live.com>

* store/me -> store/customers/me

* change scope to type

* remove soon notes

---------

Co-authored-by: Stevche Radevski <sradevski@live.com>
2024-05-29 13:47:11 +03:00

233 lines
5.5 KiB
Plaintext
Raw Blame History

---
sidebar_label: "Module Options"
---
import { Table } from "docs-ui"
export const metadata = {
title: `Auth Module Options`,
}
# {metadata.title}
In this document, you'll learn about the options of the Auth Module.
## providers
```js title="medusa-config.js"
const modules = {
// ...
auth: {
resolve: "@medusajs/auth",
options: {
providers: [
{
name: "emailpass",
scopes: {
store: {},
admin: {},
},
},
{
name: "google",
scopes: {
admin: {
clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: process.env.GOOGLE_CALLBACK_URL,
successRedirectUrl:
process.env.GOOGLE_SUCCESS_REDIRECT_URL,
},
},
},
],
},
},
}
```
The `providers` option is an array of objects indicating the auth providers to register, their scopes, and configurations.
Each object accepts the following properties:
- `name`: The provider's name, which is set in the auth provider class's `PROVIDER` field. For example, `emailpass` or `google`.
- `scopes`: An object of scopes. The keys are a scope's name, which in the Medusa application would be either `admin` or `store`. The value is an object of configurations for that scope. Each provider accepts different scope configurations as detailed below.
### emailpass Scope Configurations
<Table>
<Table.Header>
<Table.Row>
<Table.HeaderCell>Configuration</Table.HeaderCell>
<Table.HeaderCell>Description</Table.HeaderCell>
<Table.HeaderCell>Required</Table.HeaderCell>
<Table.HeaderCell>Default</Table.HeaderCell>
</Table.Row>
</Table.Header>
<Table.Body>
<Table.Row>
<Table.Cell>
`hashConfig`
</Table.Cell>
<Table.Cell>
An object of configurations to use when hashing the user's
password. Refer to [scrypt-kdf](https://www.npmjs.com/package/scrypt-kdf#-hash)'s
documentation for accepted options.
</Table.Cell>
<Table.Cell>
No
</Table.Cell>
<Table.Cell>
```ts noCopy noReport noLineNumbers
const hashConfig = {
logN: 15,
r: 8,
p: 1
}
```
</Table.Cell>
</Table.Row>
</Table.Body>
</Table>
### google Scope Configurations
<Note type="check">
Follow [this Google documentation](https://developers.google.com/identity/protocols/oauth2/web-server#prerequisites) to enable Google's APIs and retrieve the necessary credentials.
</Note>
<Table>
<Table.Header>
<Table.Row>
<Table.HeaderCell>Configuration</Table.HeaderCell>
<Table.HeaderCell>Description</Table.HeaderCell>
<Table.HeaderCell>Required</Table.HeaderCell>
<Table.HeaderCell>Default</Table.HeaderCell>
</Table.Row>
</Table.Header>
<Table.Body>
<Table.Row>
<Table.Cell>
`clientID`
</Table.Cell>
<Table.Cell>
A string indicating the [Google API Client ID](https://developers.google.com/identity/oauth2/web/guides/get-google-api-clientid).
</Table.Cell>
<Table.Cell>
Yes
</Table.Cell>
<Table.Cell>
\-
</Table.Cell>
</Table.Row>
<Table.Row>
<Table.Cell>
`clientSecret`
</Table.Cell>
<Table.Cell>
A string indicating the [Google Client Secret](https://support.google.com/cloud/answer/6158849?hl=en#zippy=%2Cstep-create-a-new-client-secret).
</Table.Cell>
<Table.Cell>
Yes
</Table.Cell>
<Table.Cell>
\-
</Table.Cell>
</Table.Row>
<Table.Row>
<Table.Cell>
`callbackURL`
</Table.Cell>
<Table.Cell>
A string indicating the URL to redirect to in your app after the user completes their authentication in Google.
The Medusa application provides the API route `/auth/[scope]/google/callback` that you can use, where `[scope]` is the scope this config belongs to.
For example, `/auth/store/google/callback`.
</Table.Cell>
<Table.Cell>
Yes
</Table.Cell>
<Table.Cell>
\-
</Table.Cell>
</Table.Row>
<Table.Row>
<Table.Cell>
`successRedirectUrl`
</Table.Cell>
<Table.Cell>
A string indicating the URL to redirect to in your app after the authentication has been successful.
If not provided, the Medusa application's callback route just returns a JSON with the JWT token of the auth identity.
</Table.Cell>
<Table.Cell>
No
</Table.Cell>
<Table.Cell>
\-
</Table.Cell>
</Table.Row>
</Table.Body>
</Table>
### Environment Variables
Make sure to add the necessary environment variables for the above options in `.env`:
```bash
GOOGLE_CLIENT_ID=<YOUR_GOOGLE_CLIENT_ID>
GOOGLE_CLIENT_SECRET=<YOUR_GOOGLE_CLIENT_SECRET>
GOOGLE_CALLBACK_URL=<YOUR_GOOGLE_CALLBACK_URL>
GOOGLE_SUCCESS_REDIRECT_URL=<YOUR_GOOGLE_SUCCESS_REDIRECT_URL>
```
---
## Auth CORS
The Medusa application's authentication API routes are defined under the `/auth` prefix that requires setting the `authCors` property of the `http` configuration. So, before using these routes, make sure to set that configuration.
Refer to [Medusa's configuration guide](/references/medusa-config#authCors) for more details.
Reference in New Issue View Git Blame Copy Permalink