Forem

Avi Kapoor for MojoAuth

Posted on

🚀 Implement Passwordless Auth with MojoAuth in 10 Minutes (Yes, Really!)

Tired of passwords? So are your users. Passwordless authentication boosts security and UX by eliminating password fatigue. Let’s build a passwordless login flow with MojoAuth faster than it takes to brew coffee ☕.


Why Go Passwordless?

  • 🔒 No more password leaks or phishing risks
  • 📲 Users log in via magic links (email/SMS)
  • âš¡ Faster implementation than traditional auth

What We’ll Build

A Node.js app that:

  1. Sends magic links via email
  2. Authenticates users with a single click
  3. Secures sessions with JWT

Prerequisites


Step 1: Set Up MojoAuth

  1. Create a Project in your MojoAuth dashboard.
  2. Grab your API Key and Publishable Key (we’ll use these later).
  3. Configure Allowed Redirect URLs (e.g., http://localhost:3000/callback).

Step 2: Install MojoAuth SDK

npm install mojoauth-sdk
Enter fullscreen mode Exit fullscreen mode

Step 3: Backend Setup (Express.js)

Create server.js:

const express = require('express');
const MojoAuth = require("mojoauth-sdk");
const app = express();
app.use(express.json());

// Initialize MojoAuth
const mojoAuth = MojoAuth("[YOUR_API_KEY]");

// Login endpoint
app.post('/login', async (req, res) => {
  const { email } = req.body;

  try {
    const response = await mojoAuth.magicLink.send(email);
    res.json({ message: "Magic link sent! Check your email." });
  } catch (error) {
    res.status(500).json({ error: "Auth failed" });
  }
});

// Callback endpoint (handles magic link verification)
app.get('/callback', async (req, res) => {
  const { token } = req.query;

  try {
    const user = await mojoAuth.magicLink.verify(token);
    // Create JWT session or redirect to dashboard
    res.json({ success: true, user });
  } catch (error) {
    res.redirect('/login?error=auth_failed');
  }
});

app.listen(3000, () => console.log('Server running on port 3000'));
Enter fullscreen mode Exit fullscreen mode

Step 4: Frontend Form (HTML/JS)

Create index.html:

<!DOCTYPE html>
<html>
<body>
  <h1>Login with Magic Link ✨</h1>
  <form id="loginForm">
    <input type="email" id="email" placeholder="Enter your email" required>
    <button type="submit">Send Magic Link</button>
  </form>

  <script>
    document.getElementById('loginForm').addEventListener('submit', async (e) => {
      e.preventDefault();
      const email = document.getElementById('email').value;

      // Call backend login endpoint
      const response = await fetch('/login', {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({ email })
      });

      alert('Magic link sent! Check your inbox.');
    });
  </script>
</body>
</html>
Enter fullscreen mode Exit fullscreen mode

Step 5: Test It!

  1. Run node server.js
  2. Open http://localhost:3000
  3. Enter your email → check inbox → click magic link → Boom! 🔥 Authenticated.

How It Works

  1. User enters email → MojoAuth sends magic link.
  2. Clicking the link hits /callback with a verification token.
  3. MojoAuth SDK verifies the token → returns user data.
  4. You create a session (e.g., JWT cookies) or redirect.

Why MojoAuth?

  • ✅ Pre-built UI components (save 20+ hours)
  • ✅ Brute-force protection & rate limiting
  • ✅ SOC2-compliant infrastructure
  • ✅ Customizable templates (brand your emails)

Troubleshooting Tips

  1. Magic link not arriving? Check spam folder or MojoAuth's email logs.
  2. Invalid redirect URL? Ensure it matches your MojoAuth dashboard settings.
  3. CORS issues? Use cors middleware in Express.

Next Steps

  1. Add SMS authentication (MojoAuth supports it!).
  2. Implement user sessions with JWTs.
  3. Check the MojoAuth Docs for advanced features.

👨💻 Your Turn!

Clone the full code example on GitHub and customize it.

Got questions? Drop them below – let’s chat about auth!

Top comments (0)