Authentication

Configure authentication for the Lightning Logs SDK using JWT tokens or API keys.

JWT Token Authentication

Use JWT tokens from Supabase Auth for authenticated requests

With Supabase Auth

import { LightningLogsClient } from '@lightning-logs/sdk'
import { createClient } from '@supabase/supabase-js'

const supabase = createClient(
  'https://your-project.supabase.co',
  'your-anon-key'
)

const client = new LightningLogsClient({
  baseURL: 'https://your-project.supabase.co',
  apiKey: 'your-anon-key',
  getAuthToken: async () => {
    const { data: { session } } = await supabase.auth.getSession()
    return session?.access_token || null
  }
})

Manual Token Management

let authToken: string | null = null

const client = new LightningLogsClient({
  baseURL: 'https://your-project.supabase.co',
  apiKey: 'your-anon-key',
  getAuthToken: async () => authToken
})

// Set token after login
async function login(email: string, password: string) {
  const response = await fetch('https://your-project.supabase.co/auth/v1/token?grant_type=password', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ email, password })
  })
  const data = await response.json()
  authToken = data.access_token
  
  // Or use the client's setAuthToken method
  await client.setAuthToken(data.access_token)
}

// Clear token on logout
function logout() {
  authToken = null
  client.clearAuth()
}

API Key Authentication

Use API keys for server-to-server authentication

Using API Keys

const client = new LightningLogsClient({
  baseURL: 'https://your-project.supabase.co',
  apiKey: 'your-anon-key',
  getAuthToken: async () => {
    // Return your API key (prefixed with ll_)
    return 'll_your_api_key_here'
  }
})

Creating API Keys

API keys can be created through the dashboard or programmatically:

// Create an API key
const { data: apiKey } = await client.apiKeys.createKey('Production API Key')

// Store the key_value securely (only shown once)
console.log('API Key:', apiKey.key_value)
// Store this in environment variables or secure storage

Environment Variables

Store credentials securely using environment variables

.env file

NEXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co
NEXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key
LIGHTNING_LOGS_API_KEY=ll_your_api_key_here

Using Environment Variables

const client = new LightningLogsClient({
  baseURL: process.env.NEXT_PUBLIC_SUPABASE_URL!,
  apiKey: process.env.NEXT_PUBLIC_SUPABASE_ANON_KEY!,
  getAuthToken: async () => {
    // Use API key from environment
    return process.env.LIGHTNING_LOGS_API_KEY || null
  }
})

Token Refresh

Handle token expiration and refresh

const client = new LightningLogsClient({
  baseURL: 'https://your-project.supabase.co',
  apiKey: 'your-anon-key',
  getAuthToken: async () => {
    const { data: { session } } = await supabase.auth.getSession()
    
    // Check if token is expired
    if (session && session.expires_at) {
      const expiresAt = session.expires_at * 1000
      const now = Date.now()
      
      // Refresh if expires in less than 5 minutes
      if (expiresAt - now < 5 * 60 * 1000) {
        const { data: { session: newSession } } = await supabase.auth.refreshSession()
        return newSession?.access_token || null
      }
    }
    
    return session?.access_token || null
  }
})