Authentication API

Complete guide to BlockForge authentication using Supabase Auth.

Overview

BlockForge uses Supabase Auth for user authentication. This guide covers authentication methods and best practices.

Getting Started

javascript

import { createClient } from '@supabase/supabase-js'

const supabase = createClient(
  process.env.VITE_SUPABASE_URL,
  process.env.VITE_SUPABASE_ANON_KEY
)

Email/Password

javascript

const { data, error } = await supabase.auth.signUp({
  email: 'user@example.com',
  password: 'password123',
  options: {
    emailRedirectTo: 'https://blockforge.pro/confirm'
  }
})

OAuth Providers

javascript

// GitHub
const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'github',
  options: {
    redirectTo: 'https://blockforge.pro/callback'
  }
})

// Google
const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'google'
})

Email/Password

javascript

const { data, error } = await supabase.auth.signInWithPassword({
  email: 'user@example.com',
  password: 'password123'
})

OAuth

javascript

const { data, error } = await supabase.auth.signInWithOAuth({
  provider: 'github'
})

Sign Out

javascript

const { error } = await supabase.auth.signOut()

Session Management

Get Current Session

javascript

const { data: { session } } = await supabase.auth.getSession()

Get Current User

javascript

const { data: { user } } = await supabase.auth.getUser()

Listen to Auth Changes

javascript

supabase.auth.onAuthStateChange((event, session) => {
  if (event === 'SIGNED_IN') {
    console.log('User signed in:', session.user)
  } else if (event === 'SIGNED_OUT') {
    console.log('User signed out')
  }
})

Password Management

Reset Password

javascript

const { error } = await supabase.auth.resetPasswordForEmail('user@example.com', {
  redirectTo: 'https://blockforge.pro/reset-password'
})

Update Password

javascript

const { error } = await supabase.auth.updateUser({
  password: 'newpassword123'
})

User Management

Update User

javascript

const { data, error } = await supabase.auth.updateUser({
  email: 'newemail@example.com',
  data: {
    display_name: 'John Doe'
  }
})

Delete User

javascript

const { error } = await supabase.auth.admin.deleteUser(userId)

Security Best Practices

Use HTTPS - Always use HTTPS in production
Secure passwords - Enforce strong passwords
Session management - Implement proper session handling
Rate limiting - Protect against brute force
Email verification - Verify user emails

Authentication API ​

Overview ​

Getting Started ​

Sign Up ​

Email/Password ​

OAuth Providers ​

Sign In ​

Email/Password ​

OAuth ​

Sign Out ​

Session Management ​

Get Current Session ​

Get Current User ​

Listen to Auth Changes ​

Password Management ​

Reset Password ​

Update Password ​

User Management ​

Update User ​

Delete User ​

Security Best Practices ​

Next Steps ​

Authentication API

Overview

Getting Started

Sign Up

Email/Password

OAuth Providers

Sign In

Email/Password

OAuth

Sign Out

Session Management

Get Current Session

Get Current User

Listen to Auth Changes

Password Management

Reset Password

Update Password

User Management

Update User

Delete User

Security Best Practices

Next Steps