Docs / SDK reference / Auth

Auth

Browser + server safe — flarelink.auth.* never needs the service key. Every call sends credentials: 'include', so the browser carries the session cookie automatically. On the server, you'll need to forward cookies manually — see SSR & cookies.

Surface accurate as of @flarelink/client v0.2.3. Mirrors the package README.

// Sign up / sign in — both resolve to { user: User }
const { user } = await flarelink.auth.signUp({ email, password, name })
await flarelink.auth.signIn({ email, password })

// OAuth — redirects to the provider by default
await flarelink.auth.signInWithSocial("google")
const { url } = await flarelink.auth.signInWithSocial("github", { noRedirect: true })

// Magic link — first arg is the email string
await flarelink.auth.signInWithMagicLink("[email protected]")

// Sign out
await flarelink.auth.signOut()

// Who's signed in?
const me      = await flarelink.auth.getMe()       // User | null
const session = await flarelink.auth.getSession()  // Session | null (no nested user)

// Password reset (two steps)
await flarelink.auth.requestPasswordReset({
  email: "[email protected]",
  redirectTo: "https://myapp.com/reset",  // your reset page; ?token= is appended
})
// …user clicks the email link, your page reads ?token=
await flarelink.auth.resetPassword({ token, newPassword })

// Email verification (manual trigger)
await flarelink.auth.sendVerificationEmail({ email })

getMe() returns the full User or null; getSession() returns only the Session row (with userId / expiresAt) — no nested user. Reach for getMe() when you need the user's email or name. requestPasswordReset / resetPassword / sendVerificationEmail all resolve to { status: boolean }.

User & Session types

type User = {
  id: string
  email: string
  name: string
  emailVerified: boolean
  image: string | null
  createdAt: string
  updatedAt: string
}

type Session = {
  id: string
  userId: string
  expiresAt: string
  createdAt: string
  updatedAt: string
  ipAddress?: string | null
  userAgent?: string | null
}

OAuth & magic links

signInWithSocial(provider, opts?) redirects to the provider by default. Pass { noRedirect: true } to get { url } back instead — useful for SSR or when you want to render the link yourself. Providers are "google" and "github"; configure them per OAuth provider setup. Magic-link and OAuth both depend on the email module being configured.

Call getMe() from a server route: SSR & cookies.
Gate a page on auth: Protect a route (per framework).
Handle failures: Error reference.

Something unclear or missing? [email protected] llms-full.txt ↗

Auth

User & Session types

OAuth & magic links

Next