User Authentication and Management R2R provides a comprehensive set of user authentication and management features, allowing you to implement secure and feature-rich authentication systems in your applications.
User Registration To register a new user:
const registerResponse = await client . register ( "user@example.com" , "password123" );
{ results : { email : 'user@example.com' , id : 'bf417057-f104-4e75-8579-c74d26fcbed3' , hashed_password : '$2b$12$p6a9glpAQaq.4uzi4gXQru6PN7WBpky/xMeYK9LShEe4ygBf1L.pK' , is_superuser : false , is_active : true , is_verified : false , verification_code_expiry : null , name : null , bio : null , profile_picture : null , created_at : '2024-07-16T22:53:47.524794Z' , updated_at : '2024-07-16T22:53:47.524794Z' } } Email Verification If email verification is enabled, verify a user’s email:
const verifyResponse = await client . verifyEmail ( "verification_code_here" );
{ results : { message : "Email verified successfully" } } User Login To log in and obtain access tokens:
const loginResponse = await client . login ( "user@example.com" , "password123" );
{ results : { access_token : { token : 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' , token_type : 'access' }, refresh_token : { token : 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' , token_type : 'refresh' } } } Get Current User Info Retrieve information about the currently authenticated user:
const user_info = client . user ()
{ 'results' : { 'email' : 'user@example.com' , 'id' : '76eea168-9f98-4672-af3b-2c26ec92d7f8' , 'hashed_password' : 'null' , 'is_superuser' : False , 'is_active' : True , 'is_verified' : True , 'verification_code_expiry' : None , 'name' : None , 'bio' : None , 'profile_picture' : None , 'created_at' : '2024-07-16T23:06:42.123303Z' , 'updated_at' : '2024-07-16T23:22:48.256239Z' } } Refresh Access Token Refresh an expired access token:
const refreshResponse = await client . refreshAccessToken ();
{ results : { access_token : { token : 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' , token_type : 'access' }, refresh_token : { token : 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...' , token_type : 'refresh' } } } Change Password Change the user’s password:
const changePasswordResult = await client . changePassword ( "password123" , "new_password" );
{ results : { message : "Password changed successfully" } } Request Password Reset Request a password reset for a user:
const resetRequestResult = await client . requestPasswordReset ( "user@example.com" );
{ results : { message : "If the email exists, a reset link has been sent" } } Confirm Password Reset Confirm a password reset using the reset token:
const resetConfirmResult = await client . confirmPasswordReset ( "reset_token_here" , "new_password" );
{ results : { message : "Password reset successfully" } } Update User Profile Update the user’s profile information:
// keeping the user's email as is: const updateResult = client . updateUser ( undefined , "John Doe" , "R2R enthusiast" );
{ 'results' : { 'email' : 'user@example.com' , 'id' : '76eea168-9f98-4672-af3b-2c26ec92d7f8' , 'hashed_password' : 'null' , 'is_superuser' : False , 'is_active' : True , 'is_verified' : True , 'verification_code_expiry' : None , 'name' : 'John Doe' , 'bio' : 'R2R enthusiast' , 'profile_picture' : None , 'created_at' : '2024-07-16T23:06:42.123303Z' , 'updated_at' : '2024-07-16T23:22:48.256239Z' } } Delete User Account Delete the user’s account:
const user_id = register_response [ "results" ][ "id" ] # input unique id here const delete_result = client . delete_user ( user_id , "password123" )
{ 'results' : { 'message' : 'User account deleted successfully' } } User Logout Log out and invalidate the current access token:
const logoutResponse = await client . logout ();
{ results : { message : "Logged out successfully" } } Superuser Capabilities Superusers have additional privileges, including access to system-wide operations and sensitive information. To use superuser capabilities, authenticate as a superuser or the default admin:
// Login as admin const loginResult = await client . login ( "admin@example.com" , "admin_password" ); // Access superuser features const usersOverview = await client . usersOverview (); const logs = await client . logs (); const analyticsResult = await client . analytics ( { filters: { all_latencies: "search_latency" } }, { analysis_types: { search_latencies: [ "basic_statistics" , "search_latency" ] } } ); Superuser actions should be performed with caution and only by authorized personnel. Ensure proper security measures are in place when using superuser capabilities.
Security Considerations When implementing user authentication, consider the following best practices:
Always use HTTPS in production to encrypt data in transit.
Implement rate limiting to protect against brute-force attacks.
Use secure password hashing (R2R uses bcrypt by default).
Consider implementing multi-factor authentication (MFA) for enhanced security.
Conduct regular security audits of your authentication system.
For more advanced use cases or custom implementations, refer to the R2R documentation or reach out to the community for support. 
