DEV Community: susheel kumar The latest articles on DEV Community by susheel kumar (@susheel_kumar_2041f5433d2). https://dev.to/susheel_kumar_2041f5433d2 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2976786%2Fe3e5131c-785e-4dd9-876a-0060981e5b93.png DEV Community: susheel kumar https://dev.to/susheel_kumar_2041f5433d2 en Introducing Sakshsky-Auth: Secure Passwordless Email Authentication for Node.js susheel kumar Sat, 12 Jul 2025 06:12:42 +0000 https://dev.to/susheel_kumar_2041f5433d2/introducing-sakshsky-auth-secure-passwordless-email-authentication-for-nodejs-20nc https://dev.to/susheel_kumar_2041f5433d2/introducing-sakshsky-auth-secure-passwordless-email-authentication-for-nodejs-20nc <p>In today's fast-paced digital world, traditional password-based authentication is increasingly seen as a vulnerability—prone to breaches, phishing, and user frustration. Enter passwordless authentication, a modern approach that leverages secure, one-time verification methods like email codes. At Sakshsky, we're excited to release <strong>sakshsky-auth</strong>, a lightweight Node.js package designed to make implementing robust, tamper-resistant email-based authentication simple and secure.</p> <p>Whether you're building a web app, API, or internal tool, sakshsky-auth handles the heavy lifting: generating verification codes, binding them to device fingerprints, and verifying incoming emails with built-in IMAP/POP3 monitoring. Let's dive into what makes this package a game-changer for developers prioritizing security without complexity.</p> <h2> Why Passwordless Authentication? </h2> <p>Passwords are a pain point. Users forget them, attackers crack them, and managing them securely requires hashing, salting, and constant updates. Passwordless systems, like those used by companies such as Slack or GitHub, shift the burden to trusted channels like email or biometrics.</p> <p>Sakshsky-auth focuses on email verification, enhanced with device fingerprinting to prevent common attacks like code interception or replay. It's ideal for apps where email is a primary identifier, offering a seamless user experience: Enter your email, get a code, send it back, and you're in—no passwords required.</p> <h2> Key Features </h2> <p>Sakshsky-auth is built with security and ease-of-use in mind. Here's what sets it apart:</p> <ul> <li> <strong>Passwordless Flow</strong>: Users initiate login with their email, receive a pre-filled verification email, and send it to complete auth.</li> <li> <strong>Device Fingerprinting</strong>: Collects session data (IP, UA, browser, etc.) to create a unique "fingerprint" bound to the code, reducing cross-device tampering risks.</li> <li> <strong>Tamper Detection</strong>: Uses salted SHA-256 hashes to verify email integrity—any alteration to the code or hash fails authentication.</li> <li> <strong>Built-in Email Monitoring</strong>: Supports IMAP and POP3 for real-time or polled inbox checking, with auto-protocol detection.</li> <li> <strong>Customizable Code Generation</strong>: Use the default UUID or provide your own generator for shorter/OTP-style codes.</li> <li> <strong>MongoDB Integration</strong>: Stores temporary verification records via Mongoose for easy expiry and cleanup.</li> <li> <strong>Socket.IO Support</strong>: Real-time notifications for successful verifications, perfect for live apps.</li> </ul> <p>The package is modular, lightweight (under 50KB installed), and has no external runtime dependencies beyond what's needed for your stack.</p> <h2> How It Works Under the Hood </h2> <ol> <li> <strong>Initiation</strong>: On login request, the package generates a code, collects a device fingerprint, salts and hashes it, and prepares a pre-filled email (using <code>mailto:</code> for client-side compose).</li> <li> <strong>Email Sending</strong>: The user sends the email with the code and hash.</li> <li> <strong>Verification</strong>: The package monitors the inbox (IMAP/IDLE for real-time or POP3/polling), parses incoming emails, extracts code/hash, rebuilds the hash from stored data, and checks for matches. On success, it triggers a callback (e.g., Socket.IO emit) and deletes the record.</li> <li> <strong>Security Checks</strong>: Expiry, sender match, and hash validation ensure safety.</li> </ol> <p>This flow minimizes attack surfaces while keeping things user-friendly.</p> <h2> Installation and Quick Start </h2> <p>Get started in minutes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>sakshsky-auth </code></pre> </div> <p>In your Node.js app (e.g., Express):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">http</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">http</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">socketIo</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">socket.io</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">mongoose</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongoose</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">path</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">path</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">sakshskyInitLoginHandler</span><span class="p">,</span> <span class="nx">sakshskyStartAuthMonitor</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">sakshsky-auth</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">server</span> <span class="o">=</span> <span class="nx">http</span><span class="p">.</span><span class="nf">createServer</span><span class="p">(</span><span class="nx">app</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">io</span> <span class="o">=</span> <span class="nf">socketIo</span><span class="p">(</span><span class="nx">server</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">urlencoded</span><span class="p">({</span> <span class="na">extended</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}));</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">static</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">public</span><span class="dl">'</span><span class="p">)));</span> <span class="c1">// Connect to MongoDB</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongodb://localhost:27017/emailAuth</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// Define schemas</span> <span class="kd">const</span> <span class="nx">verificationSchema</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nc">Schema</span><span class="p">({</span> <span class="na">email</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">expiry</span><span class="p">:</span> <span class="nb">Date</span><span class="p">,</span> <span class="na">socketId</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">hashedFingerprint</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">salt</span><span class="p">:</span> <span class="nb">String</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">Verification</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">model</span><span class="p">(</span><span class="dl">'</span><span class="s1">Verification</span><span class="dl">'</span><span class="p">,</span> <span class="nx">verificationSchema</span><span class="p">);</span> <span class="c1">// Login initiation route</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/init-login</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">serverEmail</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">verify@yourdomain.com</span><span class="dl">'</span><span class="p">;</span> <span class="c1">// Your inbound email</span> <span class="k">await</span> <span class="nf">sakshskyInitLoginHandler</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">serverEmail</span><span class="p">);</span> <span class="p">});</span> <span class="c1">// Serve frontend</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">sendFile</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">public</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">index.html</span><span class="dl">'</span><span class="p">));</span> <span class="p">});</span> <span class="c1">// Dashboard (protect in production)</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/dashboard</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="dl">'</span><span class="s1">Logged in!</span><span class="dl">'</span><span class="p">);</span> <span class="p">});</span> <span class="c1">// Email config</span> <span class="kd">const</span> <span class="nx">emailConfig</span> <span class="o">=</span> <span class="p">{</span> <span class="na">host</span><span class="p">:</span> <span class="dl">'</span><span class="s1">imap.gmail.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">port</span><span class="p">:</span> <span class="mi">993</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="dl">'</span><span class="s1">your-inbox@gmail.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">pass</span><span class="p">:</span> <span class="dl">'</span><span class="s1">app-password</span><span class="dl">'</span> <span class="p">};</span> <span class="c1">// Start monitor</span> <span class="nf">sakshskyStartAuthMonitor</span><span class="p">(</span><span class="nx">emailConfig</span><span class="p">,</span> <span class="p">(</span><span class="nx">verification</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">io</span><span class="p">.</span><span class="nf">to</span><span class="p">(</span><span class="nx">verification</span><span class="p">.</span><span class="nx">socketId</span><span class="p">).</span><span class="nf">emit</span><span class="p">(</span><span class="dl">'</span><span class="s1">verified</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="nx">verification</span><span class="p">.</span><span class="nx">email</span> <span class="p">});</span> <span class="p">});</span> <span class="nx">server</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3000</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server on port 3000</span><span class="dl">'</span><span class="p">));</span> </code></pre> </div> <h2> Detailed Example: Copy-Paste and Run </h2> <p>To help you get started quickly, here's a complete, copy-pasteable example. This includes a basic Express server, MongoDB setup, and a simple frontend HTML file. Save the server code as <code>server.js</code>, the HTML as <code>public/index.html</code>, and run <code>node server.js</code>.</p> <h3> Server Code (server.js) </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">http</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">http</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">socketIo</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">socket.io</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">path</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">path</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">mongoose</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongoose</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">sakshskyInitLoginHandler</span><span class="p">,</span> <span class="nx">sakshskyStartAuthMonitor</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">sakshsky-auth</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">server</span> <span class="o">=</span> <span class="nx">http</span><span class="p">.</span><span class="nf">createServer</span><span class="p">(</span><span class="nx">app</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">io</span> <span class="o">=</span> <span class="nf">socketIo</span><span class="p">(</span><span class="nx">server</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">urlencoded</span><span class="p">({</span> <span class="na">extended</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}));</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">static</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">public</span><span class="dl">'</span><span class="p">)));</span> <span class="c1">// Connect to MongoDB</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongodb://localhost:27017/emailAuth</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">useNewUrlParser</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">useUnifiedTopology</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="p">.</span><span class="nf">then</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">MongoDB connected</span><span class="dl">'</span><span class="p">))</span> <span class="p">.</span><span class="k">catch</span><span class="p">(</span><span class="nx">err</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">MongoDB error:</span><span class="dl">'</span><span class="p">,</span> <span class="nx">err</span><span class="p">));</span> <span class="c1">// Define verification schema</span> <span class="kd">const</span> <span class="nx">verificationSchema</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nc">Schema</span><span class="p">({</span> <span class="na">email</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">expiry</span><span class="p">:</span> <span class="nb">Date</span><span class="p">,</span> <span class="na">socketId</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">hashedFingerprint</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">salt</span><span class="p">:</span> <span class="nb">String</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">Verification</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">model</span><span class="p">(</span><span class="dl">'</span><span class="s1">Verification</span><span class="dl">'</span><span class="p">,</span> <span class="nx">verificationSchema</span><span class="p">);</span> <span class="c1">// Login initiation route</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/init-login</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">serverEmail</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">your-server-email@example.com</span><span class="dl">'</span><span class="p">;</span> <span class="c1">// Replace with your inbound email</span> <span class="k">await</span> <span class="nf">sakshskyInitLoginHandler</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">serverEmail</span><span class="p">);</span> <span class="p">});</span> <span class="c1">// Serve frontend</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">sendFile</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">public</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">index.html</span><span class="dl">'</span><span class="p">));</span> <span class="p">});</span> <span class="c1">// Dashboard example</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/dashboard</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="dl">'</span><span class="s1">Welcome to the dashboard! You are logged in.</span><span class="dl">'</span><span class="p">);</span> <span class="p">});</span> <span class="c1">// Email config (replace with your details)</span> <span class="kd">const</span> <span class="nx">emailConfig</span> <span class="o">=</span> <span class="p">{</span> <span class="na">host</span><span class="p">:</span> <span class="dl">'</span><span class="s1">imap.gmail.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">port</span><span class="p">:</span> <span class="mi">993</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="dl">'</span><span class="s1">your-inbox@gmail.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">pass</span><span class="p">:</span> <span class="dl">'</span><span class="s1">your-app-password</span><span class="dl">'</span> <span class="c1">// Use Gmail app password</span> <span class="p">};</span> <span class="c1">// Start auth monitor</span> <span class="nf">sakshskyStartAuthMonitor</span><span class="p">(</span><span class="nx">emailConfig</span><span class="p">,</span> <span class="p">(</span><span class="nx">verification</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">io</span><span class="p">.</span><span class="nf">to</span><span class="p">(</span><span class="nx">verification</span><span class="p">.</span><span class="nx">socketId</span><span class="p">).</span><span class="nf">emit</span><span class="p">(</span><span class="dl">'</span><span class="s1">verified</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="nx">verification</span><span class="p">.</span><span class="nx">email</span> <span class="p">});</span> <span class="p">});</span> <span class="nx">server</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3000</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server running on http://localhost:3000</span><span class="dl">'</span><span class="p">));</span> </code></pre> </div> <h3> Frontend Code (public/index.html) </h3> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="cp">&lt;!DOCTYPE html&gt;</span> <span class="nt">&lt;html</span> <span class="na">lang=</span><span class="s">"en"</span><span class="nt">&gt;</span> <span class="nt">&lt;head&gt;</span> <span class="nt">&lt;meta</span> <span class="na">charset=</span><span class="s">"UTF-8"</span><span class="nt">&gt;</span> <span class="nt">&lt;meta</span> <span class="na">name=</span><span class="s">"viewport"</span> <span class="na">content=</span><span class="s">"width=device-width, initial-scale=1.0"</span><span class="nt">&gt;</span> <span class="nt">&lt;title&gt;</span>Sakshsky Auth Example<span class="nt">&lt;/title&gt;</span> <span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"/socket.io/socket.io.js"</span><span class="nt">&gt;&lt;/script&gt;</span> <span class="nt">&lt;/head&gt;</span> <span class="nt">&lt;body&gt;</span> <span class="nt">&lt;h1&gt;</span>Passwordless Email Login<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"email"</span> <span class="na">id=</span><span class="s">"email"</span> <span class="na">placeholder=</span><span class="s">"Your Email"</span> <span class="na">required</span><span class="nt">&gt;</span> <span class="nt">&lt;button</span> <span class="na">onclick=</span><span class="s">"initLogin()"</span><span class="nt">&gt;</span>Login<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;script&gt;</span> <span class="kd">const</span> <span class="nx">socket</span> <span class="o">=</span> <span class="nf">io</span><span class="p">();</span> <span class="kd">function</span> <span class="nf">initLogin</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">email</span> <span class="o">=</span> <span class="nb">document</span><span class="p">.</span><span class="nf">getElementById</span><span class="p">(</span><span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">).</span><span class="nx">value</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">email</span><span class="p">)</span> <span class="k">return</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">'</span><span class="s1">Enter email</span><span class="dl">'</span><span class="p">);</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/init-login</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Content-Type</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">application/json</span><span class="dl">'</span> <span class="p">},</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="nx">email</span><span class="p">,</span> <span class="na">socketId</span><span class="p">:</span> <span class="nx">socket</span><span class="p">.</span><span class="nx">id</span> <span class="p">})</span> <span class="p">}).</span><span class="nf">then</span><span class="p">(</span><span class="nx">res</span> <span class="o">=&gt;</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">()).</span><span class="nf">then</span><span class="p">(</span><span class="nx">data</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nb">window</span><span class="p">.</span><span class="nx">location</span><span class="p">.</span><span class="nx">href</span> <span class="o">=</span> <span class="s2">`mailto:</span><span class="p">${</span><span class="nx">data</span><span class="p">.</span><span class="nx">toEmail</span><span class="p">}</span><span class="s2">?subject=</span><span class="p">${</span><span class="nf">encodeURIComponent</span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">subject</span><span class="p">)}</span><span class="s2">&amp;body=</span><span class="p">${</span><span class="nf">encodeURIComponent</span><span class="p">(</span><span class="nx">data</span><span class="p">.</span><span class="nx">body</span><span class="p">)}</span><span class="s2">`</span><span class="p">;</span> <span class="nx">socket</span><span class="p">.</span><span class="nf">on</span><span class="p">(</span><span class="dl">'</span><span class="s1">verified</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">data</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">alert</span><span class="p">(</span><span class="s2">`Logged in as </span><span class="p">${</span><span class="nx">data</span><span class="p">.</span><span class="nx">email</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="nb">window</span><span class="p">.</span><span class="nx">location</span><span class="p">.</span><span class="nx">href</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">/dashboard</span><span class="dl">'</span><span class="p">;</span> <span class="p">});</span> <span class="p">}).</span><span class="k">catch</span><span class="p">(</span><span class="nx">err</span> <span class="o">=&gt;</span> <span class="nf">alert</span><span class="p">(</span><span class="dl">'</span><span class="s1">Error</span><span class="dl">'</span><span class="p">));</span> <span class="p">}</span> <span class="nt">&lt;/script&gt;</span> <span class="nt">&lt;/body&gt;</span> <span class="nt">&lt;/html&gt;</span> </code></pre> </div> <p>Run <code>node server.js</code>, visit <code>http://localhost:3000</code>, enter an email, send the pre-filled message, and watch for the verification alert!</p> <h2> Security Considerations </h2> <p>While robust, email auth has limitations (e.g., inbox compromise). Sakshsky-auth mitigates with hashes and fingerprints, but for high-stakes apps, combine with 2FA or WebAuthn. Always use HTTPS, rate-limit requests, and monitor for anomalies.</p> <h2> Future Plans </h2> <p>We're planning support for SMS fallback, WebAuthn integration, and customizable fingerprints. Feedback welcome on GitHub!</p> <p>At Sakshsky, we're committed to secure, simple tools. Try sakshsky-auth today and let us know what you think!</p> Announcing Laravel API Resource Optimizer: Supercharge Your Laravel APIs susheel kumar Mon, 12 May 2025 08:51:31 +0000 https://dev.to/susheel_kumar_2041f5433d2/announcing-laravel-api-resource-optimizer-supercharge-your-laravel-apis-le7 https://dev.to/susheel_kumar_2041f5433d2/announcing-laravel-api-resource-optimizer-supercharge-your-laravel-apis-le7 <p>I'm thrilled to introduce <strong>Laravel API Resource Optimizer</strong>, a new open-source package designed to make your Laravel APIs faster, lighter, and more flexible. Whether you're building a REST API for a mobile app, a SaaS platform, or a microservices architecture, this package streamlines API development by enhancing Laravel's built-in API Resource classes with powerful optimization features.</p> <p>In this post, I'll walk you through what the package does, why it matters, and how you can start using it today to level up your Laravel APIs.</p> <h2> Why Laravel API Resource Optimizer? </h2> <p>Laravel's API Resources are fantastic for transforming Eloquent models into JSON responses, but they lack advanced optimization features out of the box. Developers often find themselves writing repetitive code to handle tasks like:</p> <ul> <li>Allowing clients to request specific fields to reduce payload size.</li> <li>Dynamically including related data without over-fetching.</li> <li>Caching responses to improve performance.</li> </ul> <p>The <strong>Laravel API Resource Optimizer</strong> package addresses these pain points by providing a drop-in solution that makes your APIs more efficient and developer-friendly. Built with performance and simplicity in mind, it’s compatible with Laravel 8.x, 9.x, and 10.x, and it’s ready to use in your next project.</p> <h2> Key Features </h2> <p>Here’s what makes this package stand out:</p> <ul> <li> <strong>Sparse Fieldsets</strong>: Let clients request only the fields they need (e.g., <code>GET /users?fields=id,name</code>), reducing response sizes and improving performance.</li> <li> <strong>Conditional Relationship Loading</strong>: Include related data on demand (e.g., <code>GET /users?include=posts</code>) to avoid unnecessary database queries.</li> <li> <strong>Response Caching</strong>: Cache API responses with configurable TTL to minimize server load and speed up requests.</li> <li> <strong>Schema Validation</strong>: Ensure requested fields and relationships are valid, enhancing security and reliability.</li> <li> <strong>Rate-Limiting</strong>: Protect your API with built-in throttling to prevent abuse.</li> </ul> <p>These features are designed to work seamlessly with Laravel’s ecosystem, leveraging familiar conventions and requiring minimal setup.</p> <h2> Getting Started </h2> <p>Installing and using the package is a breeze. Here’s a quick guide to get you up and running.</p> <h3> Installation </h3> <p>Install the package via Composer:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>composer require sakshsky/laravel-api-optimizer </code></pre> </div> <p>Optionally, publish the configuration file to customize settings:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan vendor:publish <span class="nt">--provider</span><span class="o">=</span><span class="s2">"Sakshsky</span><span class="se">\A</span><span class="s2">piOptimizer</span><span class="se">\A</span><span class="s2">piOptimizerServiceProvider"</span> </code></pre> </div> <p>The configuration file (<code>config/api-optimizer.php</code>) lets you tweak options like cache duration and default fields:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="k">return</span> <span class="p">[</span> <span class="s1">'cache_ttl'</span> <span class="o">=&gt;</span> <span class="mi">60</span><span class="p">,</span> <span class="c1">// Cache responses for 60 seconds</span> <span class="s1">'default_fields'</span> <span class="o">=&gt;</span> <span class="p">[</span><span class="s1">'id'</span><span class="p">,</span> <span class="s1">'name'</span><span class="p">],</span> <span class="s1">'max_nesting_depth'</span> <span class="o">=&gt;</span> <span class="mi">3</span><span class="p">,</span> <span class="s1">'rate_limit'</span> <span class="o">=&gt;</span> <span class="s1">'60,1'</span><span class="p">,</span> <span class="c1">// 60 requests per minute</span> <span class="p">];</span> </code></pre> </div> <h3> Creating an Optimized Resource </h3> <p>Extend the <code>OptimizedResource</code> class to define your API resource:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">namespace</span> <span class="nn">App\Http\Resources</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Sakshsky\ApiOptimizer\OptimizedResource</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">UserResource</span> <span class="kd">extends</span> <span class="nc">OptimizedResource</span> <span class="p">{</span> <span class="k">protected</span> <span class="nv">$allowedFields</span> <span class="o">=</span> <span class="p">[</span><span class="s1">'id'</span><span class="p">,</span> <span class="s1">'name'</span><span class="p">,</span> <span class="s1">'email'</span><span class="p">,</span> <span class="s1">'created_at'</span><span class="p">];</span> <span class="k">protected</span> <span class="nv">$allowedIncludes</span> <span class="o">=</span> <span class="p">[</span><span class="s1">'posts'</span><span class="p">];</span> <span class="k">public</span> <span class="k">function</span> <span class="n">toArray</span><span class="p">(</span><span class="nv">$request</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="p">[</span> <span class="s1">'id'</span> <span class="o">=&gt;</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">id</span><span class="p">,</span> <span class="s1">'name'</span> <span class="o">=&gt;</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">name</span><span class="p">,</span> <span class="s1">'email'</span> <span class="o">=&gt;</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">email</span><span class="p">,</span> <span class="s1">'created_at'</span> <span class="o">=&gt;</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">created_at</span><span class="p">,</span> <span class="s1">'posts'</span> <span class="o">=&gt;</span> <span class="nc">PostResource</span><span class="o">::</span><span class="nf">collection</span><span class="p">(</span><span class="nv">$this</span><span class="o">-&gt;</span><span class="nf">whenLoaded</span><span class="p">(</span><span class="s1">'posts'</span><span class="p">)),</span> <span class="p">];</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Using in a Controller </h3> <p>Use the resource in your controller like any Laravel API Resource:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">namespace</span> <span class="nn">App\Http\Controllers</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">App\Http\Resources\UserResource</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">App\Models\User</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">UserController</span> <span class="kd">extends</span> <span class="nc">Controller</span> <span class="p">{</span> <span class="k">public</span> <span class="k">function</span> <span class="n">index</span><span class="p">()</span> <span class="p">{</span> <span class="nv">$users</span> <span class="o">=</span> <span class="nc">User</span><span class="o">::</span><span class="nf">query</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">paginate</span><span class="p">();</span> <span class="k">return</span> <span class="nc">UserResource</span><span class="o">::</span><span class="nf">collection</span><span class="p">(</span><span class="nv">$users</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Example API Requests </h3> <p>Here’s what you can do with the package:</p> <ol> <li> <strong>Fetch all fields</strong>: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> GET /api/users </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"John Doe"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"john@example.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"created_at"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2025-05-12T12:00:00Z"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="err">...</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <ol> <li> <strong>Request specific fields</strong>: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> GET /api/users?fields<span class="o">=</span><span class="nb">id</span>,name </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"John Doe"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="err">...</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <ol> <li> <strong>Include relationships</strong>: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> GET /api/users?include<span class="o">=</span>posts </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"John Doe"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"john@example.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"posts"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"title"</span><span class="p">:</span><span class="w"> </span><span class="s2">"My First Post"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="err">...</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="err">...</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <h3> Applying Middleware </h3> <p>The package includes an <code>api-optimizer</code> middleware to parse query parameters. Apply it to your routes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nc">Route</span><span class="o">::</span><span class="nf">middleware</span><span class="p">(</span><span class="s1">'api-optimizer'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">group</span><span class="p">(</span><span class="k">function</span> <span class="p">()</span> <span class="p">{</span> <span class="nc">Route</span><span class="o">::</span><span class="nf">resource</span><span class="p">(</span><span class="s1">'users'</span><span class="p">,</span> <span class="nc">UserController</span><span class="o">::</span><span class="n">class</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <h2> Why This Package Matters </h2> <p>In today’s API-driven world, performance and flexibility are critical. Clients—whether mobile apps or web frontends—expect fast, tailored responses. By supporting sparse fieldsets and conditional includes, <strong>Laravel API Resource Optimizer</strong> reduces payload sizes and database queries, leading to faster responses and lower server costs. The caching feature is a game-changer for high-traffic APIs, and the schema validation ensures your endpoints stay secure.</p> <p>Plus, it’s built with Laravel’s developer experience in mind. You don’t need to rewrite your existing resources or learn a new paradigm—just extend <code>OptimizedResource</code> and start optimizing.</p> <h2> What’s Next? </h2> <p>This is just the beginning for <strong>Laravel API Resource Optimizer</strong>. Future updates may include:</p> <ul> <li> <strong>GraphQL-like Query Support</strong>: Allow structured queries (e.g., <code>?query={id,name,posts{id,title}}</code>) for even more flexibility.</li> <li> <strong>Response Compression</strong>: Compress responses to further reduce payload sizes.</li> <li> <strong>OpenAPI Integration</strong>: Generate Swagger documentation for optimized resources.</li> <li> <strong>Multi-Tenancy Support</strong>: Optimize APIs for SaaS applications.</li> </ul> <p>I’m excited to hear your feedback and ideas for new features. If you have suggestions, feel free to open an issue or submit a pull request!</p> <h2> Contribute and Connect </h2> <p><strong>Laravel API Resource Optimizer</strong> is open-source under the MIT License, and contributions are welcome! Whether you’re fixing bugs, adding features, or improving documentation, your help will make this package even better.</p> <ul> <li> <strong>GitHub</strong>: <a href="https://github.com/sakshsky/laravel-api-optimizer" rel="noopener noreferrer">github.com/sakshsky/laravel-api-optimizer</a> </li> <li> <strong>Packagist</strong>: <a href="https://packagist.org/packages/sakshsky/laravel-api-optimizer" rel="noopener noreferrer">packagist.org/packages/sakshsky/laravel-api-optimizer</a> </li> <li> <strong>Issues</strong>: <a href="https://github.com/sakshsky/laravel-api-optimizer/issues" rel="noopener noreferrer">github.com/sakshsky/laravel-api-optimizer/issues</a> </li> <li> <strong>X</strong>: Follow me at <a href="https://x.com/sakshsky" rel="noopener noreferrer">@sakshsky</a> for updates</li> </ul> <p>To get started, check out the <a href="https://github.com/sakshsky/laravel-api-optimizer/blob/main/CONTRIBUTING.md" rel="noopener noreferrer">CONTRIBUTING.md</a> file for guidelines.</p> <h2> Try It Today </h2> <p>Ready to supercharge your Laravel APIs? Install <strong>Laravel API Resource Optimizer</strong> and see the difference for yourself:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>composer require sakshsky/laravel-api-optimizer </code></pre> </div> <p>I can’t wait to see how you use this package in your projects. Share your experiences, success stories, or questions on <a href="https://x.com/sakshsky" rel="noopener noreferrer">X</a> with the hashtag <code>#LaravelApiOptimizer</code>, or drop a comment below.</p> <p>Happy coding, and let’s make Laravel APIs faster together!</p> <p><em>If you enjoyed this post, please share it with the Laravel community and star the <a href="https://github.com/sakshsky/laravel-api-optimizer" rel="noopener noreferrer">GitHub repository</a>. Stay tuned for more updates!</em></p> Introducing Saksh Wallet: A Simple Wallet System for Laravel susheel kumar Mon, 12 May 2025 08:14:25 +0000 https://dev.to/susheel_kumar_2041f5433d2/introducing-saksh-wallet-a-simple-wallet-system-for-laravel-46oa https://dev.to/susheel_kumar_2041f5433d2/introducing-saksh-wallet-a-simple-wallet-system-for-laravel-46oa <p>Are you building a Laravel application that needs to manage user wallets, handle transactions, or track balances across multiple currencies? Look no further! I’m thrilled to announce the release of <strong><code>sakshsky/saksh-wallet</code></strong>, a lightweight, open-source Laravel package designed to simplify wallet functionality with a clean and intuitive API. Whether you’re creating an e-commerce platform, a freelance marketplace, or a gaming app, Saksh Wallet has you covered.</p> <p>In this post, I’ll walk you through what Saksh Wallet is, its key features, how to install and use it, and why it’s a great addition to your Laravel projects. Let’s dive in!</p> <h2> What is Saksh Wallet? </h2> <p>Saksh Wallet is a Laravel package that provides a robust and flexible wallet system for managing user transactions and balances. Built with Laravel 12 in mind, it leverages two database tables—<code>wallet_transactions</code> for transaction history and <code>balances</code> for current balances—to deliver a performant and scalable solution. The package is open-source, licensed under MIT, and available on Packagist at <a href="https://packagist.org/packages/sakshsky/saksh-wallet" rel="noopener noreferrer">sakshsky/saksh-wallet</a>.</p> <p>Whether you need to credit funds, debit with fees, or retrieve balance summaries, Saksh Wallet offers a straightforward API that integrates seamlessly into your Laravel application.</p> <h2> Key Features </h2> <p>Saksh Wallet is designed to be simple yet powerful. Here’s what it offers:</p> <ul> <li> <strong>Dual-Table Architecture</strong>: Uses <code>wallet_transactions</code> for tracking every credit and debit and <code>balances</code> for instant balance queries, ensuring performance and reliability.</li> <li> <strong>Multi-Currency Support</strong>: Handle transactions in any currency (e.g., USD, EUR, GBP) with per-currency balance tracking.</li> <li> <strong>Secure User Association</strong>: Links transactions and balances to users via <code>user_id</code> with foreign key constraints for data integrity.</li> <li> <strong>Flexible Transactions</strong>: Supports credits, debits with optional fees, references, and descriptions for detailed transaction records.</li> <li> <strong>Integrity Verification</strong>: Includes an Artisan command (<code>saksh-wallet:verify</code>) to check balance consistency against transaction history.</li> <li> <strong>Comprehensive Tests</strong>: Comes with PHPUnit tests to ensure reliability and ease of contribution.</li> <li> <strong>Open-Source Ready</strong>: Includes <code>.gitignore</code>, <code>.gitattributes</code>, <code>CONTRIBUTING.md</code>, and <code>CHANGELOG.md</code> for a complete package.</li> </ul> <p>Whether you’re managing in-game currencies, processing payments, or tracking user funds, Saksh Wallet provides the tools you need with minimal setup.</p> <h2> Why Choose Saksh Wallet? </h2> <p>There are several wallet packages for Laravel, like <code>bavix/laravel-wallet</code>, but Saksh Wallet stands out for its simplicity and focus on core functionality. Here’s why it’s worth considering:</p> <ul> <li> <strong>Lightweight</strong>: Minimal dependencies and a clean codebase make it easy to integrate and maintain.</li> <li> <strong>Performant</strong>: The <code>balances</code> table ensures O(1) balance queries, ideal for high-traffic applications.</li> <li> <strong>Developer-Friendly</strong>: Intuitive methods like <code>addFunds</code>, <code>deductFunds</code>, and <code>getBalance</code> make development a breeze.</li> <li> <strong>Extensible</strong>: Built with Laravel conventions, it’s easy to extend for custom features like transaction reversals or payment gateway integration.</li> <li> <strong>Open-Source</strong>: Licensed under MIT, it’s free to use and welcomes contributions from the community.</li> </ul> <h2> Installation </h2> <p>Getting started with Saksh Wallet is quick and easy. Follow these steps to add it to your Laravel 12 project:</p> <ol> <li> <strong>Install via Composer</strong>: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> composer require sakshsky/saksh-wallet </code></pre> </div> <ol> <li> <strong>Publish Migrations</strong>: The package includes a single migration to create the <code>wallet_transactions</code> and <code>balances</code> tables: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> php artisan vendor:publish <span class="nt">--tag</span><span class="o">=</span>saksh-wallet-migrations </code></pre> </div> <ol> <li> <strong>Run Migrations</strong>: Apply the migrations to set up the database schema: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> php artisan migrate </code></pre> </div> <p>That’s it! Your Laravel application is now ready to manage wallets.</p> <p><strong>Note</strong>: Ensure your <code>users</code> table exists (standard in Laravel) and contains at least one user, as the package uses <code>user_id</code> with foreign key constraints.</p> <h2> Usage </h2> <p>Saksh Wallet provides a simple API for managing wallet operations. Here’s how you can use it in your Laravel application:</p> <h3> Example: Controller Setup </h3> <p>Create a controller to handle wallet operations:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="cp">&lt;?php</span> <span class="kn">namespace</span> <span class="nn">App\Http\Controllers</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Saksh\Wallet\Services\SakshWallet</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Http\Request</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Support\Facades\Auth</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">WalletController</span> <span class="kd">extends</span> <span class="nc">Controller</span> <span class="p">{</span> <span class="k">protected</span> <span class="nv">$wallet</span><span class="p">;</span> <span class="k">public</span> <span class="k">function</span> <span class="n">__construct</span><span class="p">(</span><span class="kt">SakshWallet</span> <span class="nv">$wallet</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">wallet</span> <span class="o">=</span> <span class="nv">$wallet</span><span class="p">;</span> <span class="p">}</span> <span class="k">public</span> <span class="k">function</span> <span class="n">manageWallet</span><span class="p">(</span><span class="kt">Request</span> <span class="nv">$request</span><span class="p">)</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="nv">$userId</span> <span class="o">=</span> <span class="nc">Auth</span><span class="o">::</span><span class="nf">id</span><span class="p">();</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nv">$userId</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">json</span><span class="p">([</span><span class="s1">'error'</span> <span class="o">=&gt;</span> <span class="s1">'User not authenticated'</span><span class="p">],</span> <span class="mi">401</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Credit 500 USD</span> <span class="nv">$creditResult</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">wallet</span><span class="o">-&gt;</span><span class="nf">addFunds</span><span class="p">(</span> <span class="nv">$userId</span><span class="p">,</span> <span class="mi">500</span><span class="p">,</span> <span class="s1">'USD'</span><span class="p">,</span> <span class="s1">'ref123'</span><span class="p">,</span> <span class="s1">'Salary payment'</span> <span class="p">);</span> <span class="c1">// Debit 200 USD with a 5 USD fee</span> <span class="nv">$debitResult</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">wallet</span><span class="o">-&gt;</span><span class="nf">deductFunds</span><span class="p">(</span> <span class="nv">$userId</span><span class="p">,</span> <span class="mi">200</span><span class="p">,</span> <span class="s1">'USD'</span><span class="p">,</span> <span class="s1">'ref124'</span><span class="p">,</span> <span class="s1">'Grocery shopping'</span><span class="p">,</span> <span class="mi">5</span> <span class="p">);</span> <span class="c1">// Get balance for USD</span> <span class="nv">$balance</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">wallet</span><span class="o">-&gt;</span><span class="nf">getBalance</span><span class="p">(</span><span class="nv">$userId</span><span class="p">,</span> <span class="s1">'USD'</span><span class="p">);</span> <span class="c1">// Get balance summary across all currencies</span> <span class="nv">$summary</span> <span class="o">=</span> <span class="nv">$this</span><span class="o">-&gt;</span><span class="n">wallet</span><span class="o">-&gt;</span><span class="nf">sakshGetBalanceSummary</span><span class="p">(</span><span class="nv">$userId</span><span class="p">);</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">json</span><span class="p">([</span> <span class="s1">'credit'</span> <span class="o">=&gt;</span> <span class="nv">$creditResult</span><span class="p">,</span> <span class="s1">'debit'</span> <span class="o">=&gt;</span> <span class="nv">$debitResult</span><span class="p">,</span> <span class="s1">'balance'</span> <span class="o">=&gt;</span> <span class="nv">$balance</span><span class="p">,</span> <span class="s1">'summary'</span> <span class="o">=&gt;</span> <span class="nv">$summary</span><span class="p">,</span> <span class="p">]);</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nc">\Exception</span> <span class="nv">$e</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">json</span><span class="p">([</span><span class="s1">'error'</span> <span class="o">=&gt;</span> <span class="nv">$e</span><span class="o">-&gt;</span><span class="nf">getMessage</span><span class="p">()],</span> <span class="mi">400</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> Define Routes </h3> <p>Add a route to access the wallet functionality (e.g., in <code>routes/api.php</code>):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">use</span> <span class="nc">App\Http\Controllers\WalletController</span><span class="p">;</span> <span class="nc">Route</span><span class="o">::</span><span class="nf">get</span><span class="p">(</span><span class="s1">'/wallet'</span><span class="p">,</span> <span class="p">[</span><span class="nc">WalletController</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'manageWallet'</span><span class="p">])</span><span class="o">-&gt;</span><span class="nf">middleware</span><span class="p">(</span><span class="s1">'auth'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">name</span><span class="p">(</span><span class="s1">'wallet.manage'</span><span class="p">);</span> </code></pre> </div> <h3> Example Output </h3> <p>Visiting <code>/wallet</code> (with an authenticated user) might return:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"credit"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Credited 500 USD. New balance is 500"</span><span class="p">,</span><span class="w"> </span><span class="nl">"debit"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Debited 200 USD. New balance is 295"</span><span class="p">,</span><span class="w"> </span><span class="nl">"balance"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"user_id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"currency"</span><span class="p">:</span><span class="w"> </span><span class="s2">"USD"</span><span class="p">,</span><span class="w"> </span><span class="nl">"balance"</span><span class="p">:</span><span class="w"> </span><span class="mi">295</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"summary"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"user_id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="nl">"balance"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"USD"</span><span class="p">:</span><span class="w"> </span><span class="mi">295</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Verify Wallet Integrity </h3> <p>Run the included Artisan command to ensure balances match transaction history:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan saksh-wallet:verify </code></pre> </div> <p>This command checks for discrepancies and is useful for debugging or auditing.</p> <h2> Use Cases </h2> <p>Saksh Wallet is versatile and can be used in various scenarios:</p> <ul> <li> <strong>E-commerce</strong>: Allow customers to maintain a wallet for quick checkouts or refunds.</li> <li> <strong>Freelance Platforms</strong>: Manage payments to freelancers with platform fees.</li> <li> <strong>Gaming Apps</strong>: Handle in-game currencies for purchases or rewards.</li> <li> <strong>Financial Apps</strong>: Track user funds for budgeting or investment platforms.</li> </ul> <p>The package’s multi-currency support makes it ideal for global applications, while its simple API ensures developers can integrate it quickly.</p> How Solidity Gas Saver Reduces Your Ethereum Costs 🚀 susheel kumar Wed, 02 Apr 2025 08:26:03 +0000 https://dev.to/susheel_kumar_2041f5433d2/how-solidity-gas-saver-reduces-your-ethereum-costs-2963 https://dev.to/susheel_kumar_2041f5433d2/how-solidity-gas-saver-reduces-your-ethereum-costs-2963 <h2> Introduction </h2> <p>Gas fees are one of the biggest challenges for Ethereum developers. Every transaction consumes gas, and inefficient smart contracts can result in unnecessarily high fees. To solve this, I’ve built <strong>Solidity Gas Saver</strong>, an npm package that provides optimized Solidity contracts to help reduce gas costs while maintaining functionality.</p> <h2> Why Gas Optimization Matters </h2> <p>Ethereum operates on a gas-based fee model, where every computation, storage operation, and transaction costs gas. Optimizing Solidity code can:</p> <ul> <li>Reduce contract execution costs</li> <li>Lower user fees for dApps</li> <li>Improve transaction speeds by minimizing computational overhead</li> </ul> <h2> How Solidity Gas Saver Works </h2> <p>The <strong>Solidity Gas Saver</strong> package includes several powerful contracts and libraries:</p> <h3> 1️⃣ GasEfficientMath </h3> <p>This library optimizes arithmetic operations by utilizing unchecked Solidity blocks, reducing gas costs for operations like multiplication and addition.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>uint256 result = GasEfficientMath.mul(5, 10); // More efficient than default Solidity math </code></pre> </div> <h3> 2️⃣ BatchExecutor </h3> <p>BatchExecutor allows multiple contract calls to be executed in a single transaction, reducing redundant gas costs.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>batchExecutor.execute([call1, call2, call3]); </code></pre> </div> <h3> 3️⃣ GasOptimizedTokenTransfer </h3> <p>Token transfers can be optimized by reducing redundant operations, making ERC-20 transactions cheaper.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>token.transferOptimized(recipient, amount); </code></pre> </div> <h2> How to Use Solidity Gas Saver </h2> <h3> Install the Package </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>solidity-gas-saver </code></pre> </div> <h3> Import and Use in Your Smart Contracts </h3> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import "solidity-gas-saver/contracts/GasEfficientMath.sol"; </code></pre> </div> <h3> Deploy Optimized Contracts </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx hardhat run scripts/deploy.js <span class="nt">--network</span> goerli </code></pre> </div> <h2> Who Can Benefit? </h2> <ul> <li> <strong>DeFi Developers</strong> building gas-efficient protocols</li> <li> <strong>dApp Creators</strong> looking to minimize costs for users</li> <li> <strong>Smart Contract Developers</strong> who want optimized Solidity functions</li> </ul> <h2> Conclusion </h2> <p>The <strong>Solidity Gas Saver</strong> package is designed to help developers write more efficient smart contracts, reducing gas fees and improving overall performance. 🚀</p> <p>👉 <strong>Try it now:</strong> <a href="https://www.npmjs.com/package/solidity-gas-saver" rel="noopener noreferrer">Solidity Gas Saver on npm</a></p>