AuthClient
Defined in: packages/auth/src/client/AuthClient.ts:153
Authentication client for an Eventista Account/Auth service.
Construct once per environment and reuse the instance across
services. Every method returns an AuthResponse discriminated
shape — methods never throw on auth failure. Branch on
result.isErr, then on result.code (a stable code from
AUTH_ERROR_CODES) for error handling.
The class deliberately mirrors the RestClient pattern from
@eventista/sdk-api-client for consistency across the SDK suite — every
method’s logic lives directly on the class (no separate services/
module).
Example
Section titled “Example”import { AuthClient, AuthEnvironment } from "@eventista/sdk-auth";
const auth = new AuthClient({ environment: AuthEnvironment.Production, onTokensChanged: (tokens) => { if (tokens) console.log("signed in", tokens.expiresAt); else console.log("signed out"); },});
const result = await auth.login({ email: "a@b.test", password: "secret" });if (result.isErr) { console.error(result.code, result.errorCode, result.err);} else { console.log("welcome", result.data.user.email);}Constructors
Section titled “Constructors”Constructor
Section titled “Constructor”new AuthClient(
options):AuthClient
Defined in: packages/auth/src/client/AuthClient.ts:170
Create an authentication client.
Parameters
Section titled “Parameters”options
Section titled “options”Connection settings. environment is required —
the SDK resolves the Account/Auth service URL from it.
The class instantiates its own underlying RestClient from the
options provided — consumers do not need to construct one.
Returns
Section titled “Returns”AuthClient
Methods
Section titled “Methods”changePassword()
Section titled “changePassword()”changePassword(
input):Promise<AuthResponse<ChangePasswordResult>>
Defined in: packages/auth/src/client/AuthClient.ts:452
Change the password of the currently authenticated user.
Requires a valid access token (the auth interceptor injects it from storage automatically).
Parameters
Section titled “Parameters”Old and new password.
Returns
Section titled “Returns”Promise<AuthResponse<ChangePasswordResult>>
AuthResponse with data: { ok: true } on success.
On failure, result.code may be AUTH_INVALID_CREDENTIALS or
AUTH_UNAUTHORIZED.
clearTokens()
Section titled “clearTokens()”clearTokens():
Promise<void>
Defined in: packages/auth/src/client/AuthClient.ts:618
Clear local tokens without calling the backend. Fires
onTokensChanged(null) if configured.
Returns
Section titled “Returns”Promise<void>
forgotPassword()
Section titled “forgotPassword()”forgotPassword(
input):Promise<AuthResponse<ForgotPasswordResult>>
Defined in: packages/auth/src/client/AuthClient.ts:389
Send a forgot-password email containing a reset link.
Parameters
Section titled “Parameters”Email, redirect URI, optional captcha token.
Returns
Section titled “Returns”Promise<AuthResponse<ForgotPasswordResult>>
AuthResponse with data: { ok: true } on success.
On failure, result.code may be AUTH_EMAIL_NOT_REGISTERED or
AUTH_NETWORK_ERROR.
getTokens()
Section titled “getTokens()”getTokens():
Promise<AuthTokens|null>
Defined in: packages/auth/src/client/AuthClient.ts:610
Read the currently stored tokens, or null when not signed in.
Returns
Section titled “Returns”Promise<AuthTokens | null>
getUserInfo()
Section titled “getUserInfo()”getUserInfo(
input?):Promise<AuthResponse<UserInfo>>
Defined in: packages/auth/src/client/AuthClient.ts:579
Fetch the currently authenticated user’s profile.
The auth interceptor injects the bearer token from storage. Pass
accessToken in the input to override.
Parameters
Section titled “Parameters”input?
Section titled “input?”Optional access token override; otherwise read from storage.
Returns
Section titled “Returns”Promise<AuthResponse<UserInfo>>
AuthResponse wrapping a UserInfo. On
failure, result.code is AUTH_UNAUTHORIZED.
login()
Section titled “login()”login(
input):Promise<AuthResponse<LoginResult>>
Defined in: packages/auth/src/client/AuthClient.ts:219
Sign in with email and password. Persists tokens on success and
fires the onTokensChanged callback.
Parameters
Section titled “Parameters”Email and password.
Returns
Section titled “Returns”Promise<AuthResponse<LoginResult>>
AuthResponse wrapping a LoginResult on
success. On failure, result.code is one of
AUTH_INVALID_CREDENTIALS, AUTH_EMAIL_UNVERIFIED, or
AUTH_NETWORK_ERROR.
loginWithGoogle()
Section titled “loginWithGoogle()”loginWithGoogle(
input):Promise<AuthResponse<LoginResult>>
Defined in: packages/auth/src/client/AuthClient.ts:272
Sign in with a Google ID token. Same surface as AuthClient.login but takes a Google ID token instead of email/password.
Parameters
Section titled “Parameters”Google idToken.
Returns
Section titled “Returns”Promise<AuthResponse<LoginResult>>
AuthResponse wrapping a LoginResult on
success. On failure, result.code is AUTH_INVALID_CREDENTIALS
or AUTH_NETWORK_ERROR.
logout()
Section titled “logout()”logout(
input?):Promise<AuthResponse<LogoutResult>>
Defined in: packages/auth/src/client/AuthClient.ts:548
Revoke the refresh token on the backend (best-effort) and clear local tokens.
Logout always returns a success-shaped response — local state must
always be cleared so the consumer can redirect to a sign-in screen
even when the network is down. Backend failures are logged via the
supplied logger if any.
Parameters
Section titled “Parameters”input?
Section titled “input?”Optional refresh token override.
Returns
Section titled “Returns”Promise<AuthResponse<LogoutResult>>
AuthResponse with data: { ok: true } once local
tokens have been cleared.
refresh()
Section titled “refresh()”refresh(
input?):Promise<AuthResponse<RefreshResult>>
Defined in: packages/auth/src/client/AuthClient.ts:486
Exchange a refresh token for a new access token. Falls back to the
stored refresh token when input.refreshToken is omitted. Persists
the new tokens on success and fires onTokensChanged.
Parameters
Section titled “Parameters”input?
Section titled “input?”Optional refresh token override.
Returns
Section titled “Returns”Promise<AuthResponse<RefreshResult>>
AuthResponse wrapping a RefreshResult.
On failure, result.code is AUTH_REFRESH_TOKEN_MISSING (no
token available locally) or AUTH_REFRESH_FAILED (backend
rejection).
register()
Section titled “register()”register(
input):Promise<AuthResponse<RegisterResult>>
Defined in: packages/auth/src/client/AuthClient.ts:332
Register a new account.
The backend may either issue tokens immediately (verification
disabled) or only trigger a verification email. Inspect
result.data.status to handle both flows.
Parameters
Section titled “Parameters”Email, password, redirect URI, optional captcha token.
Returns
Section titled “Returns”Promise<AuthResponse<RegisterResult>>
AuthResponse wrapping a RegisterResult.
On failure, result.code is one of AUTH_EMAIL_ALREADY_EXISTS,
AUTH_MISSING_REQUIRED_VALUE, or AUTH_NETWORK_ERROR.
resetPassword()
Section titled “resetPassword()”resetPassword(
input):Promise<AuthResponse<ResetPasswordResult>>
Defined in: packages/auth/src/client/AuthClient.ts:418
Set a new password using the reset token from the forgot-password email.
Parameters
Section titled “Parameters”New password and reset token.
Returns
Section titled “Returns”Promise<AuthResponse<ResetPasswordResult>>
AuthResponse with data: { ok: true } on success.
On failure, result.code is AUTH_PASSWORD_RESET_LINK_EXPIRED.