Ember Simple Auth Token

raw JSON →
6.0.1 verified Sat Apr 25 auth: no javascript

An Ember addon extending Ember Simple Auth with token-based authentication (JWT) support, including automatic token refresh. Current stable version: 6.0.1. Release cadence is sporadic, with major version bumps aligning with Ember and ember-simple-auth upgrades. Key differentiators: JWT auto-refresh, v2 addon format, and compatibility with Ember 4+ and ember-simple-auth v6. Alternatives include custom authentication strategies or other ESA extensions.

Common errors

error Error: Could not find module `ember-simple-auth-token/authenticators/jwt`
cause Import path incorrect or addon not installed.
fix
Ensure addon is installed: ember install ember-simple-auth-token. Use correct import path: import JWTTokenAuthenticator from 'ember-simple-auth-token/authenticators/jwt';
error Uncaught TypeError: session.setup is not a function
cause Missing call to session.setup() in application route (required since v6).
fix
In app/routes/application.js, call await this.session.setup(); in beforeModel.
error Cannot read property 'requireAuthentication' of undefined
cause session service not injected or not properly set up.
fix
Inject session service with @inject session; and ensure session.setup() is called before accessing session methods.

Warnings

breaking v6.0.0 drops support for Ember < 4, Node < 16, and ember-simple-auth < 6.
fix Upgrade to Ember 4+ and Node 16+. Install ember-simple-auth@6.
breaking v6.0.0 changes to v2 addon format. You must manually call session.setup() in application route.
fix Add session.setup() call in application route's beforeModel hook.
deprecated DataAdapterMixin is no longer provided by this addon since v5.2.2. Use ember-simple-auth's mixin instead.
fix import DataAdapterMixin from 'ember-simple-auth/mixins/data-adapter-mixin';
gotcha ember-simple-auth is a peer dependency and must be installed manually.
fix Run 'ember install ember-simple-auth' in addition to installing this addon.
gotcha You must use HTTPS in production to protect token and credentials in transit.
fix Configure your server to use HTTPS.

Install

npm install ember-simple-auth-token
yarn add ember-simple-auth-token
pnpm add ember-simple-auth-token

Imports

Quickstart

Configures JWT authenticator, token authorizer, session setup in application route, and authenticated route with requireAuthentication.

// app/authenticators/jwt.js
import JWTTokenAuthenticator from 'ember-simple-auth-token/authenticators/jwt';
export default class JWTAuthenticator extends JWTTokenAuthenticator {
  // optional: override serverTokenEndpoint, etc.
}

// app/authorizers/application.js
import TokenAuthorizer from 'ember-simple-auth-token/authorizers/token';
export default class ApplicationAuthorizer extends TokenAuthorizer {}

// app/routes/application.js
import Route from '@ember/routing/route';
import { inject as service } from '@ember/service';
export default class ApplicationRoute extends Route {
  @service session;
  async beforeModel() {
    await this.session.setup();
  }
}

// app/routes/authenticated.js
import Route from '@ember/routing/route';
import { inject as service } from '@ember/service';
export default class AuthenticatedRoute extends Route {
  @service session;
  beforeModel(transition) {
    this.session.requireAuthentication(transition, 'login');
  }
}

// config/environment.js
ENV['ember-simple-auth-token'] = {
  serverTokenEndpoint: '/api/token',
  serverTokenRefreshEndpoint: '/api/token/refresh',
  identificationField: 'username',
  passwordField: 'password',
  tokenPropertyName: 'token',
  refreshTokenPropertyName: 'refresh_token',
  refreshLeeway: 300 // seconds
};
last verified Sat Apr 25
next check Fri Jul 24