Authentication

Pace comes with a fully featured and cutomizable authentication system that provides various ways for users to register and authenticate on your application. Out of the box you get:

  • Standard authentication
  • Social authentication
  • Passwordless authentication
  • Email verification
  • Password resets

Standard authentication

By default, the register form collects the user's name, email address, and password, while the login form uses an email and password combination to authenticate users. Of course, you can tweak this according to your application.

Social authentication

Along with the standard authentication, Pace also comes with social authentication, which allows users of your application to register and log in with various OAuth providers.

There's a one-to-many relationship between User and UserSocial, and hence, users can register or log in with any or many social providers.

By default, Pace comes configured with 3 providers: GitHub, Google, and Twitter. You can configure these inside config/pace.ts:

auth: {
  socialAuth: {
    enabled: true,
    providers: ['github', 'google', 'twitter'],
  }
}

Make sure to enter your providers' details inside .env:

// .env

GITHUB_CLIENT_ID=clientId
GITHUB_CLIENT_SECRET=clientSecret
GITHUB_CALLBACK_URL=callbackUrl

GOOGLE_CLIENT_ID=clientId
GOOGLE_CLIENT_SECRET=clientSecret
GOOGLE_CALLBACK_URL=callbackUrl

TWITTER_CLIENT_ID=clientId
TWITTER_CLIENT_SECRET=clientSecret
TWITTER_CALLBACK_URL=callbackUrl

You can add (or remove) any of the other providers AdonisJS supports.

If social authentication doesn't apply to your application, you can disable it in config/pace.ts:

auth: {
  socialAuth: {
    enabled: false,
  }
}

Passwordless authentication

Users can also register and log in without a password. They only need to enter their email addresses and an email containing a magic link will be sent to them. Users can then use the magic link to log in. If the user already has an account, they will be logged in. Otherwise, an account will be created for them, then they will be logged in.

This can be enabled or disabled inside config/pace.ts:

auth: {
  magicLink: {
    enabled: true,
    expiresIn: '24h',
  }
}
Admin Area Two Factor Authentication