Authentication

Aerostack Auth is a complete, production-ready authentication system. It handles user registration, login, OTP codes, email verification, and password resets — out of the box, with zero configuration required.

What’s included

Email + password registration and login
OTP / Magic Link — passwordless sign-in via 6-digit codes
Email verification — confirm email on sign-up
Password reset — secure token-based reset flow
Session management — access tokens + refresh token rotation
Profile management — update name, avatar, custom fields
Rate limiting — brute-force protection built in
Cloudflare Turnstile — optional bot protection on any endpoint

Quick start

1. Install the SDK

npm install @aerostack/react

2. Wrap your app

// app.tsx
import { AerostackProvider } from '@aerostack/react'
 
export default function App() {
  return (
    <AerostackProvider
      projectId="your-project-id"
      apiKey="your-api-key"
      baseUrl="https://api.aerostack.ai/v1"
    >
      <YourApp />
    </AerostackProvider>
  )
}

3. Use auth in any component

import { useAuth } from '@aerostack/react'
 
export function LoginForm() {
  const { signIn, user, loading, error } = useAuth()
 
  const handleSubmit = async (e) => {
    e.preventDefault()
    await signIn(email, password)
  }
 
  if (user) return <p>Welcome, {user.name}!</p>
 
  return (
    <form onSubmit={handleSubmit}>
      <input type="email" onChange={e => setEmail(e.target.value)} />
      <input type="password" onChange={e => setPassword(e.target.value)} />
      {error && <p className="text-red-500">{error}</p>}
      <button type="submit" disabled={loading}>
        {loading ? 'Signing in...' : 'Sign in'}
      </button>
    </form>
  )
}

Auth state

The useAuth hook returns the full auth state:

const {
  user,            // User | null — current user object
  tokens,          // { accessToken, refreshToken, expiresAt } | null
  loading,         // boolean — any auth operation in progress
  error,           // string | null — last error message
  isAuthenticated, // boolean — shorthand for !!tokens?.accessToken
} = useAuth()

The user object shape:

interface User {
  id: string
  email: string
  name?: string
  avatar_url?: string
  emailVerified: boolean
  createdAt?: string
  customFields?: Record<string, any>
}

Next steps

Registration & Login — full flow with examples
OTP & Magic Link — passwordless sign-in
Email Verification — verify on sign-up
Password Reset — reset flow
Configuration — configure auth scenarios
React SDK — Auth — full useAuth hook reference

Overview Registration & Login