CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/npm-toruslabs--torus-embed

Embeddable Web3 authentication solution that integrates OAuth logins with Multi Party Computation technology for passwordless wallet access

Pending
Overview
Eval results
Files

authentication.mddocs/

Authentication

OAuth-based authentication system supporting multiple providers (Google, Facebook, Discord, etc.) with session management and user profile access.

Capabilities

User Login

Authenticate users through OAuth providers and return their Ethereum accounts.

/**
 * Initiate user login process through OAuth providers
 * @param params - Optional login parameters including verifier and login hint
 * @returns Promise resolving to array of user's Ethereum account addresses
 * @throws Error if widget not initialized
 */
login(params?: TorusLoginParams): Promise<string[]>;

interface TorusLoginParams {
  /** OAuth verifier to use for login */
  verifier?: string;
  /** Login hint (email or username) to pre-fill login form */
  login_hint?: string;
}

Usage Examples:

// Basic login with default providers
const accounts = await torus.login();
console.log("User accounts:", accounts);

// Login with specific verifier
const googleAccounts = await torus.login({ 
  verifier: "google" 
});

// Login with email hint
const accounts = await torus.login({ 
  verifier: "google",
  login_hint: "user@example.com"
});

User Logout

Log out the current user and clear authentication state.

/**
 * Log out the current user and clear authentication state
 * @returns Promise that resolves when logout is complete
 * @throws Error if user not logged in
 */
logout(): Promise<void>;

Usage Example:

try {
  await torus.logout();
  console.log("User logged out successfully");
} catch (error) {
  console.error("Logout failed:", error.message);
}

User Information

Retrieve detailed user profile information.

/**
 * Request user profile information with custom message
 * May prompt user for permission
 * @param message - Custom message to display in permission request
 * @returns Promise resolving to user profile information
 */
getUserInfo(message: string): Promise<UserInfo>;

interface UserInfo {
  /** User's email address */
  email: string;
  /** User's full name */
  name: string;
  /** User's profile image URL */
  profileImage: string;
  /** OAuth verifier used (google, facebook, etc.) */
  verifier: string;
  /** Verifier-specific user ID */
  verifierId: string;
  /** Whether this is a new user */
  isNewUser: boolean;
  /** Type of login used */
  typeOfLogin: LOGIN_TYPE;
}

Usage Example:

try {
  const userInfo = await torus.getUserInfo("Please allow access to your profile");
  console.log("User info:", {
    name: userInfo.name,
    email: userInfo.email,
    provider: userInfo.verifier,
    isNew: userInfo.isNewUser
  });
} catch (error) {
  console.error("Failed to get user info:", error);
}

Private Key Login

Authenticate using a private key with associated user information.

/**
 * Login using a private key and user information
 * Private key must be 32-byte secp256k1 key
 * @param loginParams - Private key and user information
 * @returns Promise resolving to success status
 */
loginWithPrivateKey(loginParams: {
  privateKey: string;
  userInfo: Omit<UserInfo, "isNewUser">;
}): Promise<boolean>;

Usage Example:

const success = await torus.loginWithPrivateKey({
  privateKey: "0x1234567890abcdef...", // 32-byte hex string
  userInfo: {
    email: "user@example.com",
    name: "John Doe",
    profileImage: "https://example.com/avatar.jpg",
    verifier: "custom",
    verifierId: "custom-user-id",
    typeOfLogin: "jwt"
  }
});

if (success) {
  console.log("Private key login successful");
}

Authentication State

Access current authentication status.

/** Whether user is currently logged in */
readonly isLoggedIn: boolean;

/** Current verifier being used */
readonly currentVerifier: string;

/** Requested verifier for login */
readonly requestedVerifier: string;

Usage Example:

if (torus.isLoggedIn) {
  console.log("User is logged in with:", torus.currentVerifier);
} else {
  console.log("User not logged in");
}

Login Configuration

Configure OAuth providers and customize login options.

interface LoginConfig {
  /** OAuth provider configurations */
  [verifier: string]: LoginConfigItem;
}

interface LoginConfigItem {
  /** Display name for the login option */
  name: string;
  /** Type of OAuth provider */
  typeOfLogin: LOGIN_TYPE;
  /** Description for login button */
  description?: string;
  /** Custom OAuth client ID */
  clientId?: string;
  /** Logo URL for hover state */
  logoHover?: string;
  /** Logo URL for light theme */
  logoLight?: string;
  /** Logo URL for dark theme */
  logoDark?: string;
  /** Show login button in modal */
  showOnModal?: boolean;
  /** Show login button on mobile */
  showOnMobile?: boolean;
  /** JWT parameters for Auth0 integration */
  jwtParameters?: JwtParameters;
  /** Show as main login option */
  mainOption?: boolean;
  /** Show login button on desktop */
  showOnDesktop?: boolean;
  /** Button display priority (1 = highest) */
  priority?: number;
}

interface JwtParameters extends BaseLoginOptions {
  /** Auth0 domain */
  domain: string;
  /** OAuth client ID */
  client_id?: string;
  /** Callback URL */
  redirect_uri?: string;
  /** Clock skew allowance in seconds */
  leeway?: number;
  /** JWT field mapping to verifier ID */
  verifierIdField?: string;
  /** Whether verifier ID field is case sensitive */
  isVerifierIdCaseSensitive?: boolean;
}

interface BaseLoginOptions {
  /** Additional OAuth parameters */
  [key: string]: unknown;
  /** UI display mode */
  display?: "page" | "popup" | "touch" | "wap";
  /** Authentication prompt behavior */
  prompt?: "none" | "login" | "consent" | "select_account";
  /** Maximum authentication age in seconds */
  max_age?: string | number;
  /** Language preferences */
  ui_locales?: string;
  /** Previously issued ID token */
  id_token_hint?: string;
  /** Login hint (email/username) */
  login_hint?: string;
  /** ACR values */
  acr_values?: string;
  /** OAuth scope */
  scope?: string;
  /** OAuth audience */
  audience?: string;
  /** OAuth connection */
  connection?: string;
}

Supported OAuth Providers

type LOGIN_TYPE = 
  | "google"         // Google OAuth
  | "facebook"       // Facebook OAuth  
  | "reddit"         // Reddit OAuth
  | "discord"        // Discord OAuth
  | "twitch"         // Twitch OAuth
  | "apple"          // Apple Sign In
  | "github"         // GitHub OAuth
  | "linkedin"       // LinkedIn OAuth
  | "twitter"        // Twitter OAuth
  | "weibo"          // Weibo OAuth
  | "line"           // LINE OAuth
  | "jwt"            // Custom JWT
  | "email_password" // Email/password
  | "passwordless"   // Passwordless email
  | "wechat"         // WeChat OAuth
  | "kakao";         // Kakao OAuth

// Predefined verifier identifiers
const WALLET_VERIFIERS = {
  GOOGLE: "google",
  FACEBOOK: "facebook", 
  TWITCH: "twitch",
  REDDIT: "reddit",
  DISCORD: "discord",
  EMAIL_PASSWORDLESS: "torus-auth0-email-passwordless"
} as const;

Usage Example for Custom Login Config:

await torus.init({
  loginConfig: {
    "custom-google": {
      name: "Custom Google",
      typeOfLogin: "google",
      description: "Login with your Google account",
      clientId: "your-google-client-id",
      logoLight: "https://example.com/google-logo.png",
      showOnModal: true,
      mainOption: true,
      priority: 1
    },
    "custom-auth0": {
      name: "Enterprise Login",
      typeOfLogin: "jwt",
      description: "Login with enterprise account",
      jwtParameters: {
        domain: "your-company.auth0.com",
        client_id: "your-auth0-client-id",
        verifierIdField: "email",
        isVerifierIdCaseSensitive: false
      },
      showOnModal: true,
      priority: 2
    }
  }
});

Install with Tessl CLI

npx tessl i tessl/npm-toruslabs--torus-embed

docs

authentication.md

ethereum-provider.md

index.md

network-management.md

wallet-operations.md

widget-management.md

tile.json