Skip to main content

AccountsServerOptions <CustomUser>

Index

Properties

Properties

optionalambiguousErrorMessages

ambiguousErrorMessages?: boolean

Return ambiguous error messages from login failures to prevent user enumeration. Defaults to true.

optionalcreateJwtPayload

createJwtPayload?: (data: JwtData, user: CustomUser) => Promise<Record<string, any>>

Function to add addition information in jwt payload of accessToken

Type declaration

    • (data: JwtData, user: CustomUser): Promise<Record<string, any>>

    • Parameters

      • data: JwtData
      • user: CustomUser

      Returns Promise<Record<string, any>>

optionalcreateNewSessionTokenOnRefresh

createNewSessionTokenOnRefresh?: boolean

Creates a new session token each time a user refreshes his access token

optionalemailTemplates

emailTemplates?: Partial<EmailTemplatesType>

optionalenableAutologin

enableAutologin?: boolean

If this flag is set to true - user will be automatically logged in after registration. LoginResult data will be included into registration response. Can be enabled only if requireEmailVerification is set to false. Defaults to false.

optionalimpersonationAuthorize

impersonationAuthorize?: (user: User, impersonateToUser: User) => Promise<any>

Type declaration

    • (user: User, impersonateToUser: User): Promise<any>

    • Parameters

      • user: User
      • impersonateToUser: User

      Returns Promise<any>

optionalmicro

micro?: boolean

optionalprepareMail

prepareMail?: PrepareMailFunction

optionalresumeSessionValidator

resumeSessionValidator?: (user: User, session: Session) => Promise<void>

Use this function if you want to cancel the current session to be resumed. The session parameter will be null if the useStatelessSession option is set to true.

Type declaration

    • (user: User, session: Session): Promise<void>

    • Parameters

      • user: User
      • session: Session

      Returns Promise<void>

optionalsendMail

sendMail?: SendMailType

optionalsiteUrl

siteUrl?: string

optionaltokenConfigs

tokenConfigs?: { accessToken?: SignOptions; refreshToken?: SignOptions }

Type declaration

  • optionalaccessToken?: SignOptions
  • optionalrefreshToken?: SignOptions

optionaltokenCreator

tokenCreator?: TokenCreator

tokenSecret

tokenSecret: string | { privateKey: Secret; publicKey: Secret }

optionaluseInternalUserObjectSanitizer

useInternalUserObjectSanitizer?: boolean

Set this false to false if you wish to skip internal user sanitazing method, and expose the original User object as-is.

optionaluseStatelessSession

useStatelessSession?: boolean

Should the session mechanism be stateless. By default the token is checked against the database in every request. This allow you to revoke a session at any time. Since we are using JWT you can decide to have a stateless session. This means that the token won't be checked against the database on every request. Using the stateless approach will make the server authorisation check faster but this means that you won't be able to able to invalidate the access token until it's expired. Only use this option if you understand the downsides of this approach. Default 'false'.

optionaluserObjectSanitizer

userObjectSanitizer?: (user: CustomUser) => CustomUser

Type declaration

    • (user: CustomUser): CustomUser

    • Parameters

      • user: CustomUser

      Returns CustomUser