tabshift/payloadcms
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

chore: add jsdocs for authentication types and add missing config to docs (#8082)

Browse Source
This commit is contained in:
Paul
2024-09-05 18:04:13 -06:00
committed by GitHub
parent 6f512b6ca8
commit e80da7cb75
2 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/authentication/overview.mdx
View File

@@ -85,6 +85,7 @@ The following options are available:
| **`lockTime`** | Set the time (in milliseconds) that a user should be locked out if they fail authentication more times than `maxLoginAttempts` allows for. | | **`lockTime`** | Set the time (in milliseconds) that a user should be locked out if they fail authentication more times than `maxLoginAttempts` allows for. |
| **`loginWithUsername`** | Ability to allow users to login with username/password. [More](/docs/authentication/overview#login-with-username) | | **`loginWithUsername`** | Ability to allow users to login with username/password. [More](/docs/authentication/overview#login-with-username) |
| **`maxLoginAttempts`** | Only allow a user to attempt logging in X amount of times. Automatically locks out a user from authenticating if this limit is passed. Set to `0` to disable. | | **`maxLoginAttempts`** | Only allow a user to attempt logging in X amount of times. Automatically locks out a user from authenticating if this limit is passed. Set to `0` to disable. |
| **`removeTokenFromResponses`** | Set to true if you want to remove the token from the returned authentication API responses such as login or refresh. |
| **`strategies`** | Advanced - an array of custom authentification strategies to extend this collection's authentication with. [More details](./custom-strategies). | | **`strategies`** | Advanced - an array of custom authentification strategies to extend this collection's authentication with. [More details](./custom-strategies). |
| **`tokenExpiration`** | How long (in seconds) to keep the user logged in. JWTs and HTTP-only cookies will both expire at the same time. | | **`tokenExpiration`** | How long (in seconds) to keep the user logged in. JWTs and HTTP-only cookies will both expire at the same time. |
| **`useAPIKey`** | Payload Authentication provides for API keys to be set on each user within an Authentication-enabled Collection. [More details](./api-keys). | | **`useAPIKey`** | Payload Authentication provides for API keys to be set on each user within an Authentication-enabled Collection. [More details](./api-keys). |

46
packages/payload/src/auth/types.ts
View File

@@ -132,24 +132,70 @@ export type LoginWithUsernameOptions =
} }
export interface IncomingAuthType { export interface IncomingAuthType {
/**
* Set cookie options, including secure, sameSite, and domain. For advanced users.
*/
cookies?: { cookies?: {
domain?: string domain?: string
sameSite?: 'Lax' | 'None' | 'Strict' | boolean sameSite?: 'Lax' | 'None' | 'Strict' | boolean
secure?: boolean secure?: boolean
} }
/**
* How many levels deep a user document should be populated when creating the JWT and binding the user to the req. Defaults to 0 and should only be modified if absolutely necessary, as this will affect performance.
* @default 0
*/
depth?: number depth?: number
/**
* Advanced - disable Payload's built-in local auth strategy. Only use this property if you have replaced Payload's auth mechanisms with your own.
*/
disableLocalStrategy?: true disableLocalStrategy?: true
/**
* Customize the way that the forgotPassword operation functions.
* @link https://payloadcms.com/docs/beta/authentication/email#forgot-password
*/
forgotPassword?: { forgotPassword?: {
generateEmailHTML?: GenerateForgotPasswordEmailHTML generateEmailHTML?: GenerateForgotPasswordEmailHTML
generateEmailSubject?: GenerateForgotPasswordEmailSubject generateEmailSubject?: GenerateForgotPasswordEmailSubject
} }
/**
* Set the time (in milliseconds) that a user should be locked out if they fail authentication more times than maxLoginAttempts allows for.
*/
lockTime?: number lockTime?: number
/**
* Ability to allow users to login with username/password.
*
* @link https://payloadcms.com/docs/beta/authentication/overview#login-with-username
*/
loginWithUsername?: boolean | LoginWithUsernameOptions loginWithUsername?: boolean | LoginWithUsernameOptions
/**
* Only allow a user to attempt logging in X amount of times. Automatically locks out a user from authenticating if this limit is passed. Set to 0 to disable.
*/
maxLoginAttempts?: number maxLoginAttempts?: number
/***
* Set to true if you want to remove the token from the returned authentication API responses such as login or refresh.
*/
removeTokenFromResponses?: true removeTokenFromResponses?: true
/**
* Advanced - an array of custom authentification strategies to extend this collection's authentication with.
* @link https://payloadcms.com/docs/beta/authentication/custom-strategies
*/
strategies?: AuthStrategy[] strategies?: AuthStrategy[]
/**
* Controls how many seconds the token will be valid for. Default is 2 hours.
* @default 7200
* @link https://payloadcms.com/docs/beta/authentication/overview#config-options
*/
tokenExpiration?: number tokenExpiration?: number
/**
* Payload Authentication provides for API keys to be set on each user within an Authentication-enabled Collection.
* @default false
* @link https://payloadcms.com/docs/beta/authentication/api-keys
*/
useAPIKey?: boolean useAPIKey?: boolean
/**
* Set to true or pass an object with verification options to require users to verify by email before they are allowed to log into your app.
* @link https://payloadcms.com/docs/beta/authentication/email#email-verification
*/
verify?: verify?:
| { | {
generateEmailHTML?: GenerateVerifyEmailHTML generateEmailHTML?: GenerateVerifyEmailHTML