Skip to Content
Housr AppAuthentication

Authentication

Overview

Authentication is managed by AuthProvider in src/context/auth-context.tsx. It provides JWT token state, user profile, and sign-in/sign-out functions to the entire app.

Auth Context API

interface AuthContextValue {
  signIn: (token: string, isSignup?: boolean) => Promise<void>;
  signInWithUserPayload: (token: string, userPayload: Record<string, unknown>, isSignup?: boolean) => Promise<void>;
  signOut: () => Promise<void>;
  refreshUser: () => Promise<void>;
  token: string | null;
  user: User | null;
  isLoading: boolean;
}
  • signIn — Saves token, fetches user profile from API, identifies in Mixpanel
  • signInWithUserPayload — Used for SSO flows where the user data comes with the login response. Sets user immediately from payload, then refreshes from API in the background
  • signOut — Deletes token from secure storage, clears user state
  • refreshUser — Re-fetches user profile using the stored token

Token Storage

JWTs are stored in expo-secure-store via src/lib/token-storage.ts:

  • getToken() — Read from secure storage (key: jwt_token)
  • setToken(token) — Write to secure storage
  • deleteToken() — Remove from secure storage

On app launch, AuthProvider checks for a stored token and fetches the user profile. The splash screen stays visible until this completes.

Sign-In Flows by Region

UK Sign-In

Defined in src/features/auth/components/uk-sign-in.tsx. Options:

  1. Email + Password — Standard login via apiV1
  2. Google Sign-In — Via @react-native-google-signin/google-signin (requires development build)
  3. Apple Sign-In — Via expo-apple-authentication (iOS only)
  4. Sign Up — Routes to /uk-sign-up with multi-step form

US Sign-In

Defined in src/features/auth/components/us-sign-in.tsx. Options:

  1. SSO Login — University SSO via my.UNL (redirects to university login page)

Routes to /(auth)/sso-login.tsx for the SSO WebView flow.

Apple Sign-In Flow

Implemented in src/lib/apple-signin.ts:

  1. Request Apple authentication credentials (name + email)
  2. POST to apiV1 at appleSignin.php with { name, email, userID }
  3. If response type is "login" — call signIn(token) and navigate to explore
  4. If response type is "signup" or 404 — redirect to /uk-sign-up with Apple user data pre-filled
  5. If 403 — account blocked alert

Google Sign-In Flow

Implemented in src/lib/google-signin.ts:

  1. Configure Google Sign-In with web/iOS client IDs and birthday/phone scopes
  2. Sign in via GoogleSignin.signIn()
  3. Fetch birthday and phone from Google People API using the access token
  4. POST to apiV1 at googleSignin.php with { idToken, user, birthday }
  5. If "existingUser" — call signIn(token) and navigate to explore
  6. If "newUser" or 404 — redirect to /uk-sign-up with Google user data pre-filled

Google Sign-In is not available in Expo Go (requires a development build). The module is dynamically imported to avoid crashes.

Auth Routes

src/app/(auth)/
  _layout.tsx              # Auth stack layout
  forgot-password.tsx      # Forgot password form
  forgot-password-otp.tsx  # OTP verification for password reset
  reset-password.tsx       # New password entry
  uk-sign-up.tsx           # UK multi-step signup
  verify-otp.tsx           # OTP verification
  sso-login.tsx            # US SSO WebView login

Route Protection

The NavigationGuardProvider in src/context/navigation-guard-context.tsx intercepts navigation to protected routes. If a user is not authenticated, they are redirected to /sign-in.

Protected routes: events, wallet, profile, viewings, bills, roomie, rideshare.

The custom tab bar also uses useNavigationGuard to gate tab presses.

User Type

The User interface is defined in src/features/auth/types/index.ts and mapped from the v1 API response via mapUserApiResponseToUser().

Last updated on
React Query PatternsBills Feature