BkperAuth

OAuth authentication client for the Bkper API.

Provides framework-agnostic authentication with callback-based event handling. Access tokens are stored in-memory; sessions persist via HTTP-only cookies.

example

// Initialize authentication client
const auth = new BkperAuth({
  onLoginSuccess: () => loadUserData(),
  onLoginRequired: () => showLoginButton()
});

// Restore session on app load
await auth.init();

getAccessToken():

string

|

undefined

Gets the current access token.

Returns The access token if authenticated, undefined otherwise

example

const token = auth.getAccessToken();
if (token) {
  // Make authenticated API calls
  fetch('/api/data', {
    headers: { 'Authorization': `Bearer ${token}` }
  });
}

init():

Promise

<

void

>

Initializes the authentication state by attempting to refresh the access token.

Call this method when your app loads to restore the user’s session. Triggers onLoginSuccess if a valid session exists, or onLoginRequired if login is needed.

login():

void

Redirects the user to the login page.

The user will be redirected to the authentication service to complete the login flow. After successful login, they will be redirected back to the current page.

example

// Trigger login when user clicks a button
loginButton.addEventListener('click', () => {
  auth.login();
});

logout():

void

Logs out the user and redirects to the logout page.

Triggers the onLogout callback before redirecting. The user’s session will be terminated.

example

// Logout when user clicks logout button
logoutButton.addEventListener('click', () => {
  auth.logout();
});

refresh():

Promise

<

void

>

Refreshes the access token using the current session.

Call this when API requests return 403 to get a new token and retry. Triggers onTokenRefresh callback if successful. Throws error if the refresh fails (network error, expired session, etc.).

example

// Handle 403 by refreshing and retrying
const response = await fetch('/api/data', {
  headers: { 'Authorization': `Bearer ${auth.getAccessToken()}` }
});

if (response.status === 403) {
  await auth.refresh();
  // Retry with new token
  return fetch('/api/data', {
    headers: { 'Authorization': `Bearer ${auth.getAccessToken()}` }
  });
}

BkperAuthConfig

Configuration options for the BkperAuth class.

baseUrl:

string

Override the authentication service base URL.

Most users don’t need this. The default production URL works out of the box.

Use cases:

  • Testing: Point to a mock authentication service for integration tests
  • Development: Use a local mock server

example

// Testing with mock server
const auth = new BkperAuth({
  baseUrl: 'http://localhost:3000/mock-auth'
});

getAdditionalAuthParams():

Record

<

string

|

string

>

Provide additional parameters to send to the authentication service.

Useful for custom authentication flows or passing additional context to your authentication implementation.

returns

Record of key-value pairs to append to auth requests

example

// Custom authentication context
const auth = new BkperAuth({
  getAdditionalAuthParams: () => {
    const token = new URLSearchParams(location.search).get('custom-token');
    return token ? { customToken: token } : {};
  }
});

onError(error:

unknown

):

void

Called when an error occurs during authentication.

Parameters:
Name
Description
error

The error that occurred

onLoginRequired():

void

Called when login is required (user needs to sign in).

onLoginSuccess():

void

Called when login succeeds (user is authenticated).

onLogout():

void

Called when the user logs out.

onTokenRefresh(token:

string

):

void

Called when the access token is refreshed.

Parameters:
Name
Description
token

The new access token