@canxjs/citadel provides a featherweight authentication system for SPAs, mobile applications, and simple token-based APIs. Inspired by Laravel Sanctum.
1npm install @canxjs/citadel2# or3bun add @canxjs/citadel
1// src/app/providers.ts2import { CitadelServiceProvider } from "@canxjs/citadel";34export const providers = [5CitadelServiceProvider,6];
1node canx citadel:install2node canx migrate
Add the HasApiTokens mixin to your User model, then use createToken() to generate tokens.
1import { User } from "./models/User";23// User model must use HasApiTokens mixin4const user = await User.find(1);56const { plainTextToken } = await user.createToken("my-app", ["*"]);78return response.json({ token: plainTextToken });
Tokens can be scoped with specific abilities (permissions). Use tokenCan() to check.
1// Create a token with specific abilities2const token = await user.createToken("editor", ["server:create", "server:update"]);34// Check ability5if (user.tokenCan("server:create")) {6// User can create servers7}