Authentication
kalam-link models auth as a tagged union with type-safe constructors.
Auth modes
import { Auth } from 'kalam-link';
Auth.basic('username', 'password'); // { type: 'basic', ... }
Auth.jwt('<token>'); // { type: 'jwt', ... }
Auth.none(); // { type: 'none' }Create client with auth
import { createClient, Auth } from 'kalam-link';
const basicClient = createClient({
url: 'http://localhost:8080',
auth: Auth.basic('alice', 'Secret123!'),
});
const jwtClient = createClient({
url: 'http://localhost:8080',
auth: Auth.jwt('<JWT_TOKEN>'),
});Basic β JWT login upgrade
From source (client.ts):
login()requires current auth type to bebasic- SDK calls
/v1/api/auth/loginthrough WASM - on success, SDK updates internal auth to JWT (
access_token)
const client = createClient({
url: 'http://localhost:8080',
auth: Auth.basic('alice', 'Secret123!'),
});
const login = await client.login();
console.log(login.access_token, login.refresh_token);
// client auth is now JWT internallyRefresh token flow
const refreshed = await client.refreshToken('<refresh_token>');
console.log(refreshed.access_token);refreshToken() also updates internal auth to the new JWT token.
Auth helpers
The SDK exports helper utilities from auth.ts:
import {
buildAuthHeader,
encodeBasicAuth,
isBasicAuth,
isJwtAuth,
isNoAuth,
isAuthenticated,
} from 'kalam-link';buildAuthHeader() output:
- basic β
Basic <base64(username:password)> - jwt β
Bearer <token> - none β
undefined
This is used directly by queryWithFiles() when sending multipart uploads.
Practical recommendations
- Use
Auth.basic(...) + login()for explicit session bootstrap. - Persist and reuse JWT in your app layer for long-lived sessions.
- Use
Auth.none()only in trusted/local environments.
Last updated on