Add Authentication to Your App

Want users to sign in to your app? With itsalive.co, authentication is built in. Users enter their email, click a link, and they're logged in. No password management, no OAuth setup.

How It Works

1. User enters their email
2. We send them a magic link
3. They click the link
4. They're logged in with a session cookie

Triggering Login

Call the login endpoint with the user's email:

async function login(email) {
  const response = await fetch('/_auth/login', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ email })
  });

  if (response.ok) {
    alert('Check your email for a login link!');
  }
}

Checking Login Status

See if the current user is logged in:

async function checkAuth() {
  const response = await fetch('/_auth/me');

  if (response.ok) {
    const user = await response.json();
    console.log('Logged in as:', user.email);
    return user;
  } else {
    console.log('Not logged in');
    return null;
  }
}

Logging Out

Clear the user's session:

async function logout() {
  await fetch('/_auth/logout', { method: 'POST' });
  window.location.reload();
}

Complete Example

Here's a simple app with login/logout:

<!DOCTYPE html>
<html>
<head>
  <title>My App</title>
</head>
<body>
  <div id="app"></div>

  <script>
    const app = document.getElementById('app');

    async function checkAuth() {
      const res = await fetch('/_auth/me');
      if (res.ok) return await res.json();
      return null;
    }

    async function login() {
      const email = document.getElementById('email').value;
      const res = await fetch('/_auth/login', {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({ email })
      });
      if (res.ok) {
        app.innerHTML = '<p>Check your email for a login link!</p>';
      }
    }

    async function logout() {
      await fetch('/_auth/logout', { method: 'POST' });
      window.location.reload();
    }

    async function init() {
      const user = await checkAuth();

      if (user) {
        app.innerHTML = \`
          <h1>Welcome, \${user.email}!</h1>
          <button onclick="logout()">Log Out</button>
        \`;
      } else {
        app.innerHTML = \`
          <h1>Please Log In</h1>
          <input type="email" id="email" placeholder="your@email.com">
          <button onclick="login()">Send Login Link</button>
        \`;
      }
    }

    init();
  </script>
</body>
</html>

User Data

Once a user is logged in, the /_auth/me endpoint returns:

{
  "email": "user@example.com",
  "id": "usr_abc123..."
}

Protected Data

Any data you store with the database API is automatically scoped to the logged-in user. No extra code needed.

Tips

• Check auth on load: Call /_auth/me when your app starts
• Handle loading state: Show a spinner while checking auth
• Redirect after login: The magic link brings users back to your app automatically

Next Steps

• Store user data with the database API
• Add a custom domain for a professional look