Authentication
With the Pakt SDK, Chainsite builders can establish user authentication features such as:
Users can register an account on a Chainsite, with or without a referral. Note that referrals are activated by the Chainsite admin or by a user assigned the appropriate role. To register an account on the Chainsite via the SDK, the RegisterPayload is required. Its fields and their descriptions are listed below.
| Field | Description | Optional |
| --- | --- | --- |
| firstName | The first name of the user to be registered. Middle or additional names can be added here. | false |
| lastName | The surname or last name of the user. | false |
| | Valid email address to be registered | false |
| password | Password of the account to be registered | false |
| referral | Code to validate exclusive entry. | true |
Here is an example function on how to set up the user registration on a Chainsite:
Upon a successful response, an email is sent to the email address. The RegisterDto is made up of the following field:

| Field | Description |
| --- | --- |
| tempToken | Object containing the authorization token as well as the period the token expires. |

The tempToken is made up of the fields below:

| Field | Description |
| --- | --- |
| token | The temporary authorization token used to verify the account |
| token_type | The type of the token: jwt |
| expiresIn | Identifier returning the period after which the temporary token expires; defaults to 20 minutes or 1217879 milliseconds. |
When a user attempts to log in, the system checks if their email is verified. If the user passes this email verification check, they are logged in, and the response includes their user profile and an authorization token. The authorization token expires after 24 hours. The LoginDto is described like this:
| Field | Description | Type |
| --- | --- | --- |
| _id | The identifier of the user | string |
| firstName | The user's first name, inclusive of the middle name(s) if added | string |
| lastName | The user's last name, inclusive of the middle name(s) if added | string |
| | Verified email address of the user | string |
| status | Identifier marking the user account as active or blocked: true means the user is active, false means blocked. | boolean |
| token | Authorization token to be passed in subsequent calls | string |
| emailVerified | Identifier that returns true if the email is verified, false if it isn't | boolean |
| type | The type of user, marked as a creator or recipient. This can be changed when updating the profile | string |
| profile | A response object that contains information about the user. | Record<string, any> \| Object |
| walletGenerated | Identifier returning whether a wallet has been generated for this user | boolean |
| score | The accumulated points accrued when the user completes certain actions while using the chainsite; defaults to 0. | number |
| twoFAStatus | Identifier returning the user's two-factor authentication status; defaults to false. | boolean |
| onboarded | Identifier returning the user's onboarded status; defaults to false. | boolean |
| profileCompleteness | Identifier returning, as a percentage, how complete the user profile is. | number |
| achievements | An array list of the user accomplishments, this impacts the | Record<string, any>[] |
| socket | Object containing the user's socket status. The socket status is used for messaging. | Record<string, any> |
| socket.status | Identifier returning the standing of the user, marked as either OFFLINE, ONLINE, AWAY | OFFLINE, ONLINE, AWAY |
| referralCode | Identifier returning the code associated with the user. This code can be used to refer others to the chainsite, to register | string |
| userName | Identifier returning the userName associated with the user | string |
| extra | Object containing information about the user's activities carried out in the chainsite | Record<string, any> |
| token_type | The type of the authorization token; defaults to jwt | string |
| expiresIn | The time the authorizationToken expires; defaults to 86400 seconds | number |
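An added example, not code from the Pakt SDK or its documentation: a client-side check that turns a login response into a session only when the account is active and email-verified, and that keeps the two expiry units described on this page apart (seconds for the authorization token, milliseconds for tempToken). The function names, the ClientSession shape, the 30-second skew and the assumption that expiresIn counts from the moment the response is received are illustrative, and the sample values are constructed.

```typescript
// Added example; not Pakt SDK code. Field names come from the LoginDto and
// tempToken tables on this page; everything else is hypothetical.
interface TempToken { token: string; expiresIn: number }   // expiresIn: milliseconds
interface LoginDto {
  _id: string;
  status: boolean;         // true = active, false = blocked
  emailVerified: boolean;
  token: string;           // authorization token for subsequent calls
  token_type: string;
  expiresIn: number;       // seconds (86400 by default)
}
interface ClientSession { userId: string; token: string; expiresAtMs: number }

// Build a session only from a response that describes a usable account.
function sessionFromLogin(dto: LoginDto, nowMs: number): ClientSession {
  if (typeof dto.token !== "string" || dto.token.length === 0) throw new Error("missing token");
  if (dto.emailVerified !== true) throw new Error("email not verified");
  if (dto.status !== true) throw new Error("account blocked");
  if (!Number.isFinite(dto.expiresIn) || dto.expiresIn <= 0) throw new Error("invalid expiresIn");
  // Assumption: expiresIn is relative to the time the response is received.
  return { userId: dto._id, token: dto.token, expiresAtMs: nowMs + dto.expiresIn * 1000 };
}

// tempToken.expiresIn is already in milliseconds, so it is not multiplied.
function tempTokenDeadlineMs(t: TempToken, nowMs: number): number {
  if (!Number.isFinite(t.expiresIn) || t.expiresIn <= 0) throw new Error("invalid expiresIn");
  return nowMs + t.expiresIn;
}

// Treat a token as expired slightly early so a request is not sent with a
// token that lapses in flight (the 30 s skew is an arbitrary choice).
function isExpired(expiresAtMs: number, nowMs: number, skewMs: number = 30000): boolean {
  return nowMs >= expiresAtMs - skewMs;
}

// Constructed sample response (not real data).
const sampleLogin: LoginDto = {
  _id: "user-0001", status: true, emailVerified: true,
  token: "constructed.sample.token", token_type: "jwt", expiresIn: 86400,
};
```

Passing the current time in as a parameter keeps the expiry logic deterministic and easy to test; production code would pass Date.now().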
Here is an example function to set the user login on a Chainsite:
Every registered email needs to be verified before a user's new Chainsite account is approved. Hence, the PAKT SDK includes account verification. It generates both a temporary authorization token and a code. The code is sent to the user's email to verify their identity. Then the user is prompted to enter it in a field to complete verification. When the verification is successful, the AccountVerifyDto is returned. The AccountVerifyDto looks like this:
| Field | Description | Type |
| --- | --- | --- |
| | Verified email address of the user | string |
| token | Authorization token returned | string |
| expiresIn | Time of expiry of the authorization token, defaults to 86400 | number |
Here is an example function to verify an account:
If a user needs a new verification code, the following function is used to resend it. When this feature is called, a new temporary token is returned in the ResetDto.
The ResetDto looks like this:
| Field | Description |
| --- | --- |
| tempToken | Object containing the authorization token as well as the period the token expires |
| tempToken.token | The temporary authorization token |
| tempToken.expiresIn | Identifier returning the period after which the temporary token expires; defaults to 20 minutes or 1217879 milliseconds |
Users can reset their login password if they forget or lose it. After making the request, a temporary authorization token is returned in the response (see ResetDto), and an email containing the reset code is sent to the user.
After the user makes the call to reset their password, as seen directly above, the password token received via email can be validated.
Here is an example function describing how to call the "Validate Password Token"
To complete the password reset, the following information is required:

- Verification token received from the email.
- Temporary authorization token
- New password
Here is an example function that depicts how to make the call to change the password.