supertokens-auth-reactEmail Password login
Sign up form#
- Web
- Mobile
Call the following function when the user clicks on the sign up button.
- Via NPM
- Via Script Tag
import { signUp } from "supertokens-web-js/recipe/emailpassword";
async function signUpClicked(email: string, password: string) {
try {
let response = await signUp({
formFields: [{
id: "email",
value: email
}, {
id: "password",
value: password
}]
})
if (response.status === "FIELD_ERROR") {
// one of the input formFields failed validaiton
response.formFields.forEach(formField => {
if (formField.id === "email") {
// Email validation failed (for example incorrect email syntax),
// or the email is not unique.
window.alert(formField.error)
} else if (formField.id === "password") {
// Password validation failed.
// Maybe it didn't match the password strength
window.alert(formField.error)
}
})
} else {
// sign up successful. The session tokens are automatically handled by
// the frontend SDK.
window.location.href = "/homepage"
}
} catch (err: any) {
if (err.isSuperTokensGeneralError === true) {
// this may be a custom error message sent from the API by you.
window.alert(err.message);
} else {
window.alert("Oops! Something went wrong.");
}
}
}
async function signUpClicked(email: string, password: string) {
try {
let response = await supertokensEmailPassword.signUp({
formFields: [{
id: "email",
value: email
}, {
id: "password",
value: password
}]
})
if (response.status === "FIELD_ERROR") {
// one of the input formFields failed validaiton
response.formFields.forEach(formField => {
if (formField.id === "email") {
// Email validation failed (for example incorrect email syntax),
// or the email is not unique.
window.alert(formField.error)
} else if (formField.id === "password") {
// Password validation failed.
// Maybe it didn't match the password strength
window.alert(formField.error)
}
})
} else {
// sign up successful. The session tokens are automatically handled by
// the frontend SDK.
window.location.href = "/homepage"
}
} catch (err: any) {
if (err.isSuperTokensGeneralError === true) {
// this may be a custom error message sent from the API by you.
window.alert(err.message);
} else {
window.alert("Oops! Something went wrong.");
}
}
}
Call the follwing API when the user clicks on the sign up button (the command below can be tried on your terminal).
curl --location --request POST '<YOUR_API_DOMAIN>/auth/signup' \
--header 'rid: emailpassword' \
--header 'Content-Type: application/json' \
--data-raw '{
"formFields": [{
"id": "email",
"value": "john@example.com"
}, {
"id": "password",
"value": "somePassword123"
}]
}'
The response body from the API call has a status property in it:
status: "OK": User creation was successful. The response also contains more information about the user, for example their user ID.status: "FIELD_ERROR": One of the form field inputs failed validation. The response body contains information about which form field input based on theid:The email could fail validation if it's syntactically not an email, of it it's not unique.
The password could fail validation if it's not string enough (as defined by the backend password validator).
Either way, you want to show the user an error next to the input form field.
status: "GENERAL_ERROR": This is only possible if you have overriden the backend API to send back a custom error message which should be displayed on the frontend.
The formFields input is a key-value array. You must provide it an email and a password value at a minimum. If you want to provide additional items, for example the user's name or age, you can append it to the array like so:
{
"formFields": [{
"id": "email",
"value": "john@example.com"
}, {
"id": "password",
"value": "somePassword123"
}, {
"id": "name",
"value": "John Doe"
}]
}
On the backend, the formFields array will be available to you for consumption.
note
On success, the backend will send back session tokens as part of the response headers which will be automatically handled by our frontend SDK for you.
Checking if email is unique#
As a part of the sign up form, you may want to explicitly check that the entered email is unique. Whilst this is already done via the sign up API call, it may be a better UX to warn the user about a non unique email right after they finish typing it.
- Web
- Mobile
- Via NPM
- Via Script Tag
import { doesEmailExist } from "supertokens-web-js/recipe/emailpassword";
async function checkEmail(email: string) {
try {
let response = await doesEmailExist({
email
});
if (response.doesExist) {
window.alert("Email already exists. Please sign in instead")
}
} catch (err: any) {
if (err.isSuperTokensGeneralError === true) {
// this may be a custom error message sent from the API by you.
window.alert(err.message);
} else {
window.alert("Oops! Something went wrong.");
}
}
}
async function checkEmail(email: string) {
try {
let response = await supertokensEmailPassword.doesEmailExist({
email
});
if (response.doesExist) {
window.alert("Email already exists. Please sign in instead")
}
} catch (err: any) {
if (err.isSuperTokensGeneralError === true) {
// this may be a custom error message sent from the API by you.
window.alert(err.message);
} else {
window.alert("Oops! Something went wrong.");
}
}
}
curl --location --request GET '<YOUR_API_DOMAIN>/auth/signup/email/exists?email=john@example.com' \
--header 'rid: emailpassword'
The response body from the API call has a status property in it:
status: "OK": The response will also contain adoesExistboolean which will betrueif the input email already belongs to an email password user.status: "GENERAL_ERROR": This is only possible if you have overriden the backend API to send back a custom error message which should be displayed on the frontend.
Sign in form#
- Web
- Mobile
Call the follwing function when the user clicks on the sign in button.
- Via NPM
- Via Script Tag
import { signIn } from "supertokens-web-js/recipe/emailpassword";
async function signInClicked(email: string, password: string) {
try {
let response = await signIn({
formFields: [{
id: "email",
value: email
}, {
id: "password",
value: password
}]
})
if (response.status === "FIELD_ERROR") {
response.formFields.forEach(formField => {
if (formField.id === "email") {
// Email validation failed (for example incorrect email syntax).
window.alert(formField.error)
}
})
} else if (response.status === "WRONG_CREDENTIALS_ERROR") {
window.alert("Email password combination is incorrect.")
} else {
// sign in successful. The session tokens are automatically handled by
// the frontend SDK.
window.location.href = "/homepage"
}
} catch (err: any) {
if (err.isSuperTokensGeneralError === true) {
// this may be a custom error message sent from the API by you.
window.alert(err.message);
} else {
window.alert("Oops! Something went wrong.");
}
}
}
async function signInClicked(email: string, password: string) {
try {
let response = await supertokensEmailPassword.signIn({
formFields: [{
id: "email",
value: email
}, {
id: "password",
value: password
}]
})
if (response.status === "FIELD_ERROR") {
// one of the input formFields failed validaiton
response.formFields.forEach(formField => {
if (formField.id === "email") {
// Email validation failed (for example incorrect email syntax).
window.alert(formField.error)
}
})
} else if (response.status === "WRONG_CREDENTIALS_ERROR") {
window.alert("Email password combination is incorrect.")
} else {
// sign in successful. The session tokens are automatically handled by
// the frontend SDK.
window.location.href = "/homepage"
}
} catch (err: any) {
if (err.isSuperTokensGeneralError === true) {
// this may be a custom error message sent from the API by you.
window.alert(err.message);
} else {
window.alert("Oops! Something went wrong.");
}
}
}
Call the follwing API when the user clicks on the sign in button (the command below can be tried on your terminal).
curl --location --request POST '<YOUR_API_DOMAIN>/auth/signin' \
--header 'rid: emailpassword' \
--header 'Content-Type: application/json' \
--data-raw '{
"formFields": [{
"id": "email",
"value": "john@example.com"
}, {
"id": "password",
"value": "somePassword123"
}]
}'
The response body from the API call has a status property in it:
status: "OK": User sign in was successful. The response also contains more information about the user, for example their user ID.status: "WRONG_CREDENTIALS_ERROR": The input email and password combination is incorrect.status: "FIELD_ERROR": This indicates that the input email did not pass the backend validation - probably because it's syntactically not an email. You want to show the user an error next to the email input form field.status: "GENERAL_ERROR": This is only possible if you have overriden the backend API to send back a custom error message which should be displayed on the frontend.
important
On success, the backend will send back session tokens as part of the response headers which will be automatically handled by our frontend SDK for you.