Auth constants
Exported from @sumx/ssr-auth-core / @sumx/ssr-auth-core/auth-constants.
Broadcast & storage keys
| Constant | Value / purpose |
|---|---|
AUTH_LOGOUT_BROADCAST_KEY | Cross-tab logout (localStorage) |
AUTH_LOGIN_BROADCAST_KEY | Cross-tab login notification |
AUTH_FORCE_PROMPT_LOGIN_KEY | Force interactive login on next sign-in |
LAST_OIDC_PIPELINE_SUB_STORAGE_KEY | Last OIDC subject for pipeline compare |
LAST_OIDC_PIPELINE_IDENTITY_KEY | Serialized pipeline identity |
AUTH_EVENT_CHANNEL_NAME | BroadcastChannel for auth events |
LEGACY_AUTH_CLEANUP_MARKER_KEY | One-time legacy storage cleanup |
AUTH_SESSION_TIMEOUT_DIALOG_KEY | Cross-tab “session elsewhere” UI flag |
RETURN_PATH_STORAGE_KEY | Stored post-login path |
Cookies & endpoints
| Constant | Purpose |
|---|---|
SUMX_IS_LOGGED_IN_COOKIE_NAME | Client-readable logged-in flag (isLoggedIn) |
AUTH_SESSION_SYNC_ENDPOINT | /api/auth/session |
AUTH_LOGOUT_ENDPOINT | /api/auth/logout |
AUTH_SESSION_SYNC_HEADER | x-auth-session-sync — marks sync requests |
Timeouts (ms)
| Constant | Default | Use |
|---|---|---|
INTERACTIVE_SIGNIN_TIMEOUT_MS | 8000 | OIDC interactive sign-in |
AUTH_SESSION_VERIFY_TIMEOUT_MS | 25000 | Server session verification |
USER_INITIATED_SERVER_LOGOUT_POST_TIMEOUT_MS | 3000 | Logout POST budget |
AUTH_STORAGE_SYNC_KEYS
Keys cleared/synced on auth state changes (used by portal cookie utils).
Example
import {
AUTH_SESSION_SYNC_ENDPOINT,
RETURN_PATH_STORAGE_KEY,
} from '@sumx/ssr-auth-core/auth-constants';Use these instead of hardcoding strings so kit and portal stay aligned across versions.