You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/06-concepts/11-authentication/01-setup_new.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ Serverpod comes with built-in support for authentication. It is possible to buil
4
4
5
5
Future versions of the authentication module will include more options. If you write another authentication module, please consider [contributing](/contribute) your code.
6
6
7
-
We provide the following packages of ready-touse authentication providers. They all include a basic user profile courtesy of `serverpod_auth_profile`, and session management through `serverpod_auth_session`.
7
+
We provide the following packages of ready-to-use authentication providers. They all include a basic user profile courtesy of `serverpod_auth_profile`, and session management through `serverpod_auth_session`.
8
8
9
9
|Package|Functionality|
10
10
|-|-|
@@ -22,7 +22,7 @@ Just follow any of the individual authentication provider guides to set the `Aut
22
22
23
23
## Email
24
24
25
-
To get started with emailbased authentication, add `serverpod_auth_email` to your project. This will add a sign-up flow with email verification, and support logins and session management (through `serverpod_auth_session`). By default, this adds user profiles for each registration through `serverpod_auth_profile`.
25
+
To get started with email-based authentication, add `serverpod_auth_email` to your project. This will add a sign-up flow with email verification, and support logins and session management (through `serverpod_auth_session`). By default, this adds user profiles for each registration through `serverpod_auth_profile`.
26
26
27
27
The only requirement for using this module is having a way to send out emails, so users can receive the initial verification email and also request a password reset later on.
As the email auth module does not expose any endpoint by default, but rather just an [`abstract` endpoint](../working-with-endpoints#endpoint-method-inheritance), a subclass of the default implementation has to be added to the current project in order to expose its APIs to outside client.
39
+
As the email auth module does not expose any endpoint by default, but rather just an [`abstract` endpoint](../working-with-endpoints#endpoint-method-inheritance), a subclass of the default implementation has to be added to the current project in order to expose its APIs to clients.
40
40
41
-
For this add an `email_account_endpoint.dart` file to the project:
41
+
For this, add an `email_account_endpoint.dart` file to the project:
@@ -111,9 +111,9 @@ If you're not hosting on Serverpod Cloud, you might consider an email sendout pr
111
111
112
112
It is up to the application to decide how to use the callbacks. Basically there are 2 primary approaches possible:
113
113
- Send out the `verificationCode` and require that the client initiating the request completes the operation (account creation or password reset). In that case the user could copy/paste or retype the (short) verification into a form on the client.
114
-
- Alternatively emails could contain a deep link with both the respective request ID and the verification code, which would then even support them being opened on any device (e.g. on a desktop, even if the original request was made on mobile).
114
+
- Alternatively, emails could contain a deep link with both the respective request ID and the verification code, which would then even support them being opened on any device (e.g. on a desktop, even if the original request was made on mobile).
115
115
116
-
Additionally you need to update the `passwords.yaml` file to include secrets for both `serverpod_auth_session_sessionKeyHashPepper` and `serverpod_auth_email_account_passwordHashPepper`.
116
+
Additionally, update the `passwords.yaml` file to include secrets for both `serverpod_auth_session_sessionKeyHashPepper` and `serverpod_auth_email_account_passwordHashPepper`.
117
117
These should be random and at least 10 characters long. These pepper values must not be changed after the initial deployment of the server, as they are baked into every session key and stored password, and thus a rotation would invalidate previously created credentials.
118
118
119
119
After a restart of the Serverpod the new endpoints will be usable from the client.
0 commit comments