Learn how to configure and use the authentication provider in R2R
CryptoProvider
and AuthProvider
combine to handle user authentication and cryptographic operations in your applications. This guide offers an in-depth look at the system’s architecture, configuration options, and best practices for implementation.
For a practical, step-by-step guide on implementing authentication in R2R, including code examples and common use cases, see our User Auth Cookbook.
r2r.toml
), unauthenticated requests will default to using the credentials of the default admin user.This behavior ensures that operations can proceed smoothly in development or testing environments where authentication may not be enforced, but it should be used with caution in production settings.R2RAuthProvider
offers a complete authentication solution.
Key features:
BCryptProvider
handles cryptographic operations.
Key features:
register
: User registrationlogin
: User authenticationrefresh_access_token
: Token refreshlogout
: Session terminationuser
: Retrieve user datachange_password
: Update user passwordrequest_password_reset
: Initiate password resetconfirm_password_reset
: Complete password resetverify_email
: Email verificationget_user_profile
: Fetch user profileupdate_user
: Modify user profiledelete_user_account
: Account deletionrequire_authentication
to true
in production.require_email_verification
for enhanced security.AuthProvider
abstract base class. This allows you to create tailored authentication methods while maintaining compatibility with the R2R ecosystem.
Here’s an example of how to create a custom authentication provider:
AuthProvider
that interfaces with these external services. Here’s an outline of how you might approach this:
AuthProvider
:AuthProvider
.salt_rounds
.