Enables Auth0 login within your Electron application, using proof-key-for-code-exchange (PKCE)
- 🔒 Uses the industry-standard PKCE flow, as recommended by Auth0 for native apps
- 🎿 Easy setup and a simple promise-based API
- 🔄 Supports refresh tokens for 'login once' functionality
- 💪 TypeScript support
- 🌍 Provided under MIT license
When asked for an auth token, this library will try the following:
- If you have a valid token in memory, and won't expire in the next 60 seconds, we return it
- If you have a refresh token, we exchange it for a new token
- If you have no refresh token (or have refresh tokens disabled), we open a new window with the Auth0 login page and begin a PKCE flow.
Discover more features in the API docs.
💥 Version 2 now out! New features include:
- easier setup with no need for peer dependencies
- support for non-Keytar refresh token libraries
- support for future extensibility
If you're having problems with the latest v2 release, try npm install [email protected]
.
Docs for the old release are here.
Install using NPM or Yarn:
# NPM
npm install electron-auth0-login
# Yarn
yarn add electron-auth0-login
🚨 This library expects a peerDependency of Electron 7+
Set up an application in the Auth0 console:
- create a
native
application (notmachine-to-machine
) - set up an "Allowed callback URL" for
https://{your auth0 domain}/mobile
Create a file called auth.ts
/auth.js
:
// For JS use require() instead
import { auth0Login } from 'electron-auth0-login';
// Only import this directly into your main process
// For the rendering process, use electron.remote.require()
export default auth0Login({
// Get these values from your Auth0 application console
auth0: {
audience: 'url',
clientId: 'long base64 string',
domain: 'url',
scopes: 'these will be custom to your application'
}
});
In your main process, you can just import the library directly:
// In your main.ts file, or a file imported by main.ts
// For JS use require() instead
import { getToken } from './auth';
async function example() {
// Example: using a bearer token
const token = await getToken();
apiCall({
headers: {
Authorization: `Bearer ${token}`
}
});
}
In the rendering process, you need to use electron.remote.require
:
// For JS use require() instead
import { remote } from 'electron';
const { getToken } = remote.require('./auth'); // depending where you put 'auth.ts'
async function example() {
// Example: using a bearer token
const token = await getToken();
apiCall({
headers: {
Authorization: `Bearer ${token}`
}
});
}
For more details, including advanced options and refresh tokens, take a look at the [Setup guide].
Discover other methods you can call in the [API guide].
Feel free to open an issue or pull request. Try to make these as detailed as possible: the more info, the easier it is to help. Example code is always good.
If you want to develop this library, just clone and npm install
. To grok the general layout and architecture of the project, read https://github.com/jbreckmckye/node-typescript-architecture.
Check out the electron-login-test project too, which will allow you to test your changes manually in an example Electron app.
This library is made available under the MIT license: see LICENSE file.
It was originally inspired by @adeperio's Electron PKCE example: https://gist.github.com/adeperio/73ce6680d4b80b45e624ab62bacfbdca
Copyright 2018-2021 Jimmy Breck-McKye.