@clerk/express
Version:
Clerk server SDK for usage with Express
94 lines (86 loc) • 3.32 kB
text/typescript
import { ClerkClient as ClerkClient$1, createClerkClient } from '@clerk/backend';
export * from '@clerk/backend';
import { SignedInAuthObject, SignedOutAuthObject, AuthenticateRequestOptions, GetAuthFn, RequestState } from '@clerk/backend/internal';
import { PendingSessionOptions } from '@clerk/types';
import { Request, RequestHandler } from 'express';
declare const clerkClient: ClerkClient$1;
type ExpressRequestWithAuth = Request & {
auth: (options?: PendingSessionOptions) => SignedInAuthObject | SignedOutAuthObject;
};
type ClerkMiddlewareOptions = AuthenticateRequestOptions & {
debug?: boolean;
clerkClient?: ClerkClient;
/**
* Enables Clerk's handshake flow, which helps verify the session state
* when a session JWT has expired. It issues a 307 redirect to refresh
* the session JWT if the user is still logged in.
*
* This is useful for server-rendered fullstack applications to handle
* expired JWTs securely and maintain session continuity.
*
* @default true
*/
enableHandshake?: boolean;
};
type ClerkClient = ReturnType<typeof createClerkClient>;
type AuthenticateRequestParams = {
clerkClient: ClerkClient;
request: Request;
options?: ClerkMiddlewareOptions;
};
/**
* Middleware that integrates Clerk authentication into your Express application.
* It checks the request's cookies and headers for a session JWT and, if found,
* attaches the Auth object to the request object under the `auth` key.
*
* @example
* app.use(clerkMiddleware(options));
*
* @example
* const clerkClient = createClerkClient({ ... });
* app.use(clerkMiddleware({ clerkClient }));
*
* @example
* app.use(clerkMiddleware());
*/
declare const clerkMiddleware: (options?: ClerkMiddlewareOptions) => RequestHandler;
/**
* Retrieves the Clerk AuthObject using the current request object.
*
* @param {GetAuthOptions} options - Optional configuration for retriving auth object.
* @returns {AuthObject} Object with information about the request state and claims.
* @throws {Error} `clerkMiddleware` or `requireAuth` is required to be set in the middleware chain before this util is used.
*/
declare const getAuth: GetAuthFn<Request>;
/**
* Middleware to require authentication for user requests.
* Redirects unauthenticated requests to the sign-in url.
*
* @example
* // Basic usage
* import { requireAuth } from '@clerk/express'
*
* router.use(requireAuth())
* //or
* router.get('/path', requireAuth(), getHandler)
*
* @example
* // Customizing the sign-in path
* router.use(requireAuth({ signInUrl: '/sign-in' }))
*
* @example
* // Combining with permission check
* import { getAuth, requireAuth } from '@clerk/express'
*
* const hasPermission = (req, res, next) => {
* const auth = getAuth(req)
* if (!auth.has({ permission: 'permission' })) {
* return res.status(403).send('Forbidden')
* }
* return next()
* }
* router.get('/path', requireAuth(), hasPermission, getHandler)
*/
declare const requireAuth: (options?: ClerkMiddlewareOptions) => RequestHandler;
declare const authenticateRequest: (opts: AuthenticateRequestParams) => Promise<RequestState<"session_token">>;
export { type ExpressRequestWithAuth, authenticateRequest, clerkClient, clerkMiddleware, getAuth, requireAuth };