Class LoginServiceGrpc.LoginServiceStub

java.lang.Object
io.grpc.stub.AbstractStub<LoginServiceGrpc.LoginServiceStub>
io.grpc.stub.AbstractAsyncStub<LoginServiceGrpc.LoginServiceStub>
com.soulfiremc.grpc.generated.LoginServiceGrpc.LoginServiceStub
Enclosing class:
LoginServiceGrpc
public static final class LoginServiceGrpc.LoginServiceStub extends io.grpc.stub.AbstractAsyncStub<LoginServiceGrpc.LoginServiceStub>
A stub to allow clients to do asynchronous rpc calls to service LoginService. 
Service for authenticating users via email-based passwordless login.
Authentication Flow:
1. Client calls Login with the user's email address
2. If the email is registered, a six-digit code is sent to that email
3. Client receives an auth_flow_token and EmailCode response
4. User enters the code from their email
5. Client calls EmailCode with the auth_flow_token and the code
6. If valid, client receives a JWT token; if invalid, receives a Failure
Security Features:
- Rate limited to 20 requests per 10 minutes per origin to prevent brute force attacks
- Auth flow tokens expire after 15 minutes
- Same response for registered and unregistered emails to prevent email enumeration
- Invalid codes return the same error as expired/invalid flow tokens to prevent timing attacks
Error Handling:
- RESOURCE_EXHAUSTED: Rate limit exceeded (too many login attempts)
- UNAUTHENTICATED: No origin header provided (required for rate limiting)
- INTERNAL: Unexpected server error during processing

  • Nested Class Summary

    Nested classes/interfaces inherited from class io.grpc.stub.AbstractStub

    io.grpc.stub.AbstractStub.StubFactory<T>

  • Method Summary

    Modifier and Type
    Method
    Description
    protected LoginServiceGrpc.LoginServiceStub
    build(io.grpc.Channel channel, io.grpc.CallOptions callOptions)
     
    void
    emailCode(EmailCodeRequest request, io.grpc.stub.StreamObserver<NextAuthFlowResponse> responseObserver)
    Verifies an email verification code to complete authentication.
    void
    login(LoginRequest request, io.grpc.stub.StreamObserver<NextAuthFlowResponse> responseObserver)
    Initiates a login flow for the specified email address.

    Methods inherited from class io.grpc.stub.AbstractAsyncStub

    newStub, newStub

    Methods inherited from class io.grpc.stub.AbstractStub

    getCallOptions, getChannel, withCallCredentials, withChannel, withCompression, withDeadline, withDeadlineAfter, withDeadlineAfter, withExecutor, withInterceptors, withMaxInboundMessageSize, withMaxOutboundMessageSize, withOnReadyThreshold, withOption, withWaitForReady

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • build

      protected LoginServiceGrpc.LoginServiceStub build(io.grpc.Channel channel, io.grpc.CallOptions callOptions)
      Specified by:
      build in class io.grpc.stub.AbstractStub<LoginServiceGrpc.LoginServiceStub>

    • login

      public void login(LoginRequest request, io.grpc.stub.StreamObserver<NextAuthFlowResponse> responseObserver)
      Initiates a login flow for the specified email address.
If the email is registered, a six-digit verification code is sent to that address.
The response always indicates that an email code step is next, regardless of whether
the email exists, to prevent email enumeration attacks.
Returns:
- NextAuthFlowResponse with email_code set and a new auth_flow_token
Errors:
- RESOURCE_EXHAUSTED: Too many login attempts from this origin
- UNAUTHENTICATED: Missing origin header
- INTERNAL: Server error (e.g., database or email sending failure)

    • emailCode

      public void emailCode(EmailCodeRequest request, io.grpc.stub.StreamObserver<NextAuthFlowResponse> responseObserver)
      Verifies an email verification code to complete authentication.
The auth_flow_token must match a pending login flow, and the code must match
the one that was sent to the user's email. On success, returns a JWT token.
On failure, returns a Failure response with INVALID_CODE reason.
After successful verification, the auth_flow_token is invalidated and cannot be reused.
Returns:
- NextAuthFlowResponse with success set (containing JWT token) if code is valid
- NextAuthFlowResponse with failure set (INVALID_CODE reason) if code is invalid
Errors:
- RESOURCE_EXHAUSTED: Too many login attempts from this origin
- UNAUTHENTICATED: Missing origin header
- INTERNAL: Server error (e.g., JWT generation failure)