signInWithPassword
- Password Authentication
- Type:
(email: string, password: string, options?: AuthOptions) => AuthData
- Description: Authenticates a user with their email and password, automatically setting the authentication cookie upon success.
Parameters
email
: The user's email addresspassword
: The user's passwordoptions
: (Optional) Authentication optionstype AuthOptions = { collection: string // The collection to authenticate against (defaults to "users") }
Basic Usage
<%
try {
// Default usage - authenticates against "users" collection
const authData = signInWithPassword('[email protected]', 'password123')
// Or specify a custom collection
const authData = signInWithPassword('[email protected]', 'password123', {
collection: 'admins'
})
// User is now logged in
redirect('/dashboard')
} catch (error) {
// Handle authentication error
}
%>
Return Value
Returns an AuthData
object containing:
interface AuthData {
token: string // The authentication token
record: {
// The authenticated user record
id: string
email: string
username: string
verified: boolean
// ... other user fields
}
}
Complete Login Form Example
<%
if (request.method === 'POST') {
try {
const { email, password } = formData
// Validate required fields
if (!email || !password) {
throw new Error('Email and password are required')
}
// Attempt login
const authData = signInWithPassword(email, password)
// Successful login - redirect to dashboard
redirect('/dashboard')
} catch (error) {
// Login failed
%>
<div class="error">
Login failed: <%= error.message %>
</div>
<%
}
}
%>
<form method="POST">
<div class="form-group">
<label for="email">Email:</label>
<input type="email"
id="email"
name="email"
value="<%= formData.email || '' %>"
required>
</div>
<div class="form-group">
<label for="password">Password:</label>
<input type="password"
id="password"
name="password"
required>
</div>
<button type="submit">Sign In</button>
<div class="links">
<a href="/auth/forgot-password">Forgot Password?</a>
<a href="/auth/register">Create Account</a>
</div>
</form>
Important Notes
Cookie Management: This function automatically:
- Authenticates with PocketBase
- Sets the authentication cookie
- Makes the user record available via
request.auth
Error Handling: Common errors to handle:
- Invalid credentials
- Unverified email
- Account disabled
- Network/database errors
Security Considerations:
- Always use HTTPS in production
- Implement rate limiting for failed attempts
- Consider adding CSRF protection
- Use secure password policies