rauth_flutter 0.1.1

A lightweight, cross-platform Flutter library for reverse authentication via WhatsApp, compatible with Android, iOS, and Web. Includes device info, HMAC signature, and secure session initialization.

rauth-flutter

A lightweight, cross-platform Flutter/Dart library for adding reverse authentication via WhatsApp to your mobile or web apps.

This library allows you to generate a reverse authentication token in your Flutter application. The user verifies their identity via WhatsApp, and your app can send the session token to your backend for verification.

🔒 You must install rauth-provider on your Node.js backend to verify tokens issued by rauth-flutter.

---

✅ Features

📱 Client-Side Reverse Auth – Generate session tokens from your Flutter app without traditional OTP flows.

🌐 Cross-Platform – Works on Android, iOS, and Web (Flutter web).

💬 WhatsApp-Based Verification – Lets users verify themselves via WhatsApp without requiring any SMS.

🧩 Plug-and-Play SDK – Just call RauthClient.init() with appId and phone number, and you're done.

🔐 Secure Token Generation – Uses HMAC signatures to prevent tampering or spoofing.

🖼 QR + Link Options – Automatically returns a WhatsApp Web link and QR image for alternate login devices.

🧪 Easy Testing & Debugging – Returns session token, WhatsApp link, and QR image for easy integration.

🚀 Production Ready – Designed to integrate securely with your backend for session verification via rauth-provider.

---

🔧 Install

Add to your pubspec.yaml:

dependencies:
  rauth_flutter:
    path: ../rauth-flutter # or use your published version

Then run:

flutter pub get

---

📦 Prerequisites

1. Create a free account at https://rauth.io
2. Generate your appId and appSecret from the dashboard.
3. Use this library in your Flutter app.
4. Use rauth-provider on your backend to verify tokens.

---

💡 Usage

Basic Example

import 'package:rauth_flutter/rauth_flutter.dart';

final client = RauthClient(appId: 'your-app-id', appSecret: 'your-app-secret');
final session = await client.init(phone: '+917000000000');

print('Session Token: \\${session.sessionToken}');
print('WhatsApp Link: \\${session.waLink}');
print('QR Image (base64): \\${session.qrImageLink}');

With UI (see demo app)

• Input phone number
• Call RauthClient.init(phone: ...)
• Show QR code and WhatsApp link to user

---

🔐 Backend Verification Example

After the user verifies via WhatsApp, send the session token to your backend:

POST /login

{
  "phone": "+917000000000",
  "token": "dfsdf-fdsdfsdfsd-dsfsdfg84-fsadfgsdag"
}

Your backend (using rauth-provider) should validate the token and return a JWT or session data if verified.

---

📝 License

MIT