SDKs overview
MojoAuth offers a suite of Software Development Kits (SDKs) and libraries designed to facilitate the integration of its passwordless authentication services into diverse application environments. These SDKs abstract the complexities of handling authentication flows, token management, and secure communication with the MojoAuth API. Developers can utilize these tools to implement various passwordless methods, including magic links, one-time passcodes (OTP) via email or SMS, and social logins, across different programming languages and frameworks.
The SDKs are structured to support both client-side and server-side implementations. Client-side SDKs, primarily JavaScript-based, manage the user interface and initial authentication steps, while server-side libraries assist in validating tokens and managing user sessions securely. This dual approach ensures that authentication processes remain robust and aligned with modern security practices, such as those recommended for OAuth 2.0 client credential flows.
Official SDKs by language
MojoAuth provides official SDKs for a range of popular programming languages and JavaScript frameworks. These SDKs are maintained by MojoAuth and are the recommended method for integrating their services. Each SDK is tailored to the conventions and best practices of its respective language or framework, offering a streamlined development experience.
| Language/Framework | Package/Module | Installation Command | Maturity |
|---|---|---|---|
| JavaScript | @mojoauth/mojoauth-web-sdk |
npm install @mojoauth/mojoauth-web-sdk or yarn add @mojoauth/mojoauth-web-sdk |
Stable |
| React | @mojoauth/react |
npm install @mojoauth/react or yarn add @mojoauth/react |
Stable |
| Angular | @mojoauth/angular |
npm install @mojoauth/angular or yarn add @mojoauth/angular |
Stable |
| Vue.js | @mojoauth/vue |
npm install @mojoauth/vue or yarn add @mojoauth/vue |
Stable |
| Node.js | @mojoauth/node |
npm install @mojoauth/node or yarn add @mojoauth/node |
Stable |
| PHP | mojoauth/mojoauth-php |
composer require mojoauth/mojoauth-php |
Stable |
| Python | mojoauth |
pip install mojoauth |
Stable |
| Ruby | mojoauth-ruby |
gem install mojoauth-ruby |
Stable |
| Java | com.mojoauth:mojoauth-java |
Add to pom.xml (Maven) or build.gradle (Gradle) |
Stable |
Installation
Installation of MojoAuth SDKs typically involves using standard package managers relevant to the programming environment. For JavaScript-based projects (React, Angular, Vue.js, Node.js), npm or Yarn are the primary tools. PHP projects use Composer, Python projects use pip, and Ruby projects use Bundler or gem. Java projects integrate libraries via Maven or Gradle dependency management. Specific instructions are available in the MojoAuth official documentation for each SDK.
JavaScript (Web SDK)
npm install @mojoauth/mojoauth-web-sdk
Or using Yarn:
yarn add @mojoauth/mojoauth-web-sdk
Node.js
npm install @mojoauth/node
Or using Yarn:
yarn add @mojoauth/node
PHP
composer require mojoauth/mojoauth-php
Python
pip install mojoauth
Ruby
gem install mojoauth-ruby
Java (Maven example)
Add the following dependency to your pom.xml:
<dependency>
<groupId>com.mojoauth</groupId>
<artifactId>mojoauth-java</artifactId>
<version>1.0.0</version> <!-- Replace with the latest version -->
</dependency>
Quickstart example
The following example demonstrates a basic integration of the MojoAuth JavaScript Web SDK to initiate a passwordless login flow using an email. This snippet focuses on the client-side implementation for capturing user input and sending it to MojoAuth, then handling the response.
JavaScript Web SDK (Client-Side Email OTP)
This example sets up a simple form to collect an email address and trigger an OTP login. Replace YOUR_MOJOAUTH_API_KEY with your actual API key, which can be obtained from the MojoAuth Dashboard.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>MojoAuth Passwordless Login</title>
</head>
<body>
<div id="mojoauth-form"></div>
<script src="https://cdn.mojoauth.com/js/mojoauth.min.js"></script>
<script>
const apiKey = 'YOUR_MOJOAUTH_API_KEY'; // Replace with your MojoAuth API Key
const redirectURL = 'http://localhost:3000/dashboard'; // Replace with your desired redirect URL
const mojoauth = new MojoAuth(apiKey, {
language: 'en',
redirect_url: redirectURL,
source: [{ type: 'email', feature: 'otp' }], // Use email OTP as the authentication source
});
mojoauth.signIn().then(response => {
if (response.isAuthenticated) {
console.log('User is authenticated:', response.user);
// Optionally redirect or update UI
window.location.href = redirectURL;
} else {
console.log('Authentication failed or pending:', response);
}
}).catch(error => {
console.error('MojoAuth error:', error);
});
</script>
</body>
</html>
This client-side code initiates the MojoAuth flow. For full security, the token received after successful authentication should be sent to your backend for validation using a server-side SDK. This server-side validation ensures that the token is legitimate and has not been tampered with, a critical step for securing user sessions, as detailed in Google's identity token verification guide.
Node.js Backend (Token Validation)
After the client-side authentication, the client receives a token. This token must be validated on the server. The following Node.js example demonstrates how to use the MojoAuth Node.js SDK to validate an authentication token received from the client.
const MojoAuth = require('@mojoauth/node');
const express = require('express');
const bodyParser = require('body-parser');
const app = express();
const port = 3000;
const apiKey = 'YOUR_MOJOAUTH_API_KEY'; // Replace with your MojoAuth API Key
const apiSecret = 'YOUR_MOJOAUTH_API_SECRET'; // Replace with your MojoAuth API Secret
const mojoauth = new MojoAuth(apiKey, apiSecret);
app.use(bodyParser.json());
app.post('/verify-token', async (req, res) => {
const { accessToken } = req.body;
if (!accessToken) {
return res.status(400).json({ message: 'Access token is required.' });
}
try {
const response = await mojoauth.oauth.token(accessToken);
if (response.isValid) {
// Token is valid, user is authenticated
res.status(200).json({ message: 'Authentication successful', user: response.user });
} else {
// Token is invalid or expired
res.status(401).json({ message: 'Invalid or expired token' });
}
} catch (error) {
console.error('Token verification error:', error);
res.status(500).json({ message: 'Internal server error during token verification' });
}
});
app.listen(port, () => {
console.log(`Server listening at http://localhost:${port}`);
});
This backend snippet demonstrates a common pattern for securing authentication: the client initiates the login, receives a temporary token, and then passes this token to a trusted backend for final verification. This server-side validation prevents various types of attacks, including token impersonation and replay attacks.
Community libraries
While MojoAuth primarily promotes its official SDKs, the open nature of web development often leads to community-contributed libraries and integrations. These can include wrappers for less common languages, plugins for specific CMS platforms, or examples of integrating MojoAuth with other services. Developers seeking community resources should consult public repositories like GitHub, Stack Overflow, or developer forums for user-contributed code and discussions. The MojoAuth documentation portal also serves as a central hub where community contributions might be highlighted or linked, providing a starting point for discovering additional tools developed by the broader developer community.