WEB SDK Overview
@slaunchx/web-sdk is a browser-oriented TypeScript SDK for WEB-chain clients. It groups three concerns into one package:
| Module | Purpose |
|---|---|
| Secure Channel | Establishes an SCv2 session and encrypts request/response payloads. |
| Auth | Handles login, MFA completion, token storage, refresh, and logout flows. |
| Request | Wraps fetch with standard headers, token refresh retry, and optional Secure Channel transport. |
Installation
1. Configure Registry
Add the SlaunchX scope to your project's .npmrc:
echo '@slaunchx:registry=https://gitea.slaunchx.cc/api/packages/slaunchx/npm/' >> .npmrc2. Authenticate (one-time)
Generate a Gitea personal access token with read:package scope, then configure npm auth:
npm config set //gitea.slaunchx.cc/api/packages/slaunchx/npm/:_authToken YOUR_TOKEN3. Install
npm install @slaunchx/web-sdkOr with pnpm:
pnpm add @slaunchx/web-sdkNote: This package is published to the internal Gitea Package Registry (
gitea.slaunchx.cc), not the public npm registry.
Quick Start
import {
AuthClient,
SlaunchxFetch,
TokenManager,
} from '@slaunchx/web-sdk';
const tokenManager = new TokenManager();
const auth = new AuthClient({
baseUrl: 'https://api.example.com',
portalAccessCode: 'portal-web',
tokenManager,
});
const client = new SlaunchxFetch({
baseUrl: 'https://api.example.com',
portalAccessCode: 'portal-web',
tokenManager,
locale: 'en',
workspaceId: 'workspace_123',
onTokenExpired: () => {
console.log('User session expired');
},
});
async function bootstrap() {
const challenge = await auth.initiateLogin('alice@example.com', 'password');
const method = challenge.methods[0];
await auth.completeLogin(challenge.sessionId, method, '123456');
const profile = await client.get<{ id: string; email: string }>('/me');
if (profile.success) {
console.log(profile.data.email);
}
const secureResult = await client.securePost<{ accepted: boolean }>(
'/payments/quote',
{ amount: 100, currency: 'USD' },
);
if (secureResult.success) {
console.log(secureResult.data.accepted);
}
}Module Map
Secure Channel
Use SecureChannel when an endpoint requires SCv2 encryption. The SDK fetches the backend RSA public key, creates a session, and then encrypts outbound JSON with AES-256-GCM.
See Secure Channel.
Auth
Use AuthClient for the login state machine and TokenManager for in-memory token storage. MFA is a two-step flow: initiate login, then complete the challenge.
See Auth.
Request
Use SlaunchxFetch for standard API calls. It injects portal and locale headers, retries 5xx responses with backoff, refreshes tokens on the first 401, and supports Secure Channel POSTs.
See Request Layer and API Reference.