...

Author: harshilp24

website/docs/packages/how-to-guides/use-query-inside-js-module.md

@@ -24,7 +24,7 @@ This page shows how to create a custom authentication module using packages, whi
 
 ## Prerequisites
 
-- A package that has already been created. For more information, see [Package and query modules tutorials](/packages/tutorial/query-module).
+- A UI Package that has already been created. For more information, see [Package and query modules tutorials](/packages/tutorial/query-module).
 - An authenticated datasource with user sign-in endpoints.
 
 
@@ -49,77 +49,79 @@ To secure your Appsmith application, you will need to set up a sign-in flow that
   />
 </div>
 
-
-
-
-1. Create a new query module to authenticate users and retrieve an authentication token:
-
+1. In the UI Module, create the login interface using the following widgets:
 
 <dd>
 
-*Example*: 
-
-```js
-//POST METHOD
-https://example.api.co/auth/v1/token?grant_type=password
-```
-
-</dd>
+- **Input Widget** (`emailInput`) – Used to capture the user's email or username.
 
+- **Input Widget** (`passwordInput`) – Used to capture the user's password. Set the input type to password to mask the input.
 
-2. Create **Inputs** from the right-side property pane to dynamically pass user data to the query. For example, create two inputs: one for **email** and one for **password**.
+- **Button Widget** (`loginButton`) – Triggers the login process when clicked. 
 
+- **Text Widget** – Displays the application name. 
 
+- **Image Widget** – Displays the brand logo. 
 
-   <ZoomImage src="/img/login-inputs-modules.png" alt="" caption="" />
+</dd>
 
 
+2. Create a new query to authenticate users and retrieve an authentication token:
 
-3. Pass the user data into your API in the expected format. Use the `inputs` property to bind the user data. 
+<dd>
 
+*Example*: 
 
-<dd>
+```js
+//POST METHOD
+https://example.api.co/auth/v1/token?grant_type=password
+```
 
-*Example*: if the API expects data in JSON format, select Body in the API, and then select JSON. Use the inputs property to bind the data, like:
+Body:
 
 ```js
 {
-  "email": {{inputs.email}},
-  "password": {{inputs.password}}
+  "email": {{emailInput.text}},
+  "password": {{passwordInput.text}}
 }
 ```
 
+The values for email and password are dynamically taken from the input widgets (`emailInput` and `passwordInput`) inside the module.
 
-</dd>
 
+</dd>
 
-3. Create a new JS module to handle the sign-in process by calling the `sign_in` API query with the provided `email` and `password`, storing the response data in local storage, and navigating to the `Home` page upon successful authentication.
+3. Create a new JS Object inside the UI Module to manage the login logic. This function will call the login API query with the provided email and password, store the authentication token in local storage using storeValue, and navigate to the Home page upon successful authentication.
 
 <dd>
 
-* To pass data from the **JS module to the query module**, you can pass parameters at runtime using `run()`, like `sign_in.run({ email: email, password: password })`.
-
-* To read the **JS module data in the query module**, create **Inputs** with the same parameter name, like `email` and `password`.
-
+*Example:*
 
 ```js
 export default {
-    signin: ({ email, password }) => {
-        // Call the sign_in API query with the provided email and password
-        return sign_in.run({ email: email, password: password })
-            .then(data => {
-                // Remove the user information from the response data for security reasons
-                delete data.user;
-                // Store each key-value pair from the response data in the local storage
-                Object.keys(data).forEach(i => {
-                    storeValue(i, data[i]);
-                });
-            })
-            .then(() => 
-                // Navigate to the 'Home' page upon successful authentication
-                navigateTo('Home')
-            );
+  async loginUser() {
+    if (!emailInput.text || !passwordInput.text) {
+      showAlert("Enter both email and password", "error");
+      return;
+    }
+
+    try {
+      const response = await login.run({
+        email: emailInput.text,
+        password: passwordInput.text
+      });
+
+      if (response.token) {
+        await storeValue("access_token", response.token);
+        // Navigate to the 'Home' page upon successful authentication
+        navigateTo("Home");
+      } else {
+        showAlert("Login failed", "error");
+      }
+    } catch (e) {
+      showAlert("Invalid credentials", "error");
     }
+  }
 };
 ```
 
@@ -128,50 +130,59 @@ For any future user actions, use the stored access token to access the relevant
 
 </dd>
 
+4. Set the **onClick** event of the Login button to run the loginUser function defined in the JS Object. 
 
-4. Publish the package.
-
-
+5. To dynamically change the login UI based on the app using the module, use inputs to pass data from the parent application into the module. This allows each app to control elements like the displayed app name and logo without modifying the module itself.
 
-## Integrate custom authentication
+<dd>
 
-Follow these steps to use the login authentication module within your application:
+*Example:* Create two inputs, `appName` and `logoUrl`, to reuse the same login module across different applications such as an HR portal or a CRM dashboard.
 
 
+`appName`: Set the Text widget’s text property to: `{{ this.params.appName }}`
 
-1. Open your **App** from the homepage and ensure that both the app and modules share the same workspace.
+`logoUrl`: Set the Image widget’s source property to: `{{ this.params.logoUrl }}`
 
-2. Create a simple login form using widgets such as Text and Input fields, tailored to meet your specific requirements.
+</dd>
 
-3. Select the JS tab on the Entity Explorer, add the **Login JS module**, and pass login form data into function parameters for authentication. 
 
+6. To pass login state or token ID from the module back to the parent app, use outputs. This allows you to expose specific values such as authentication tokens or login status that the parent application can access and respond to.
 
 <dd>
 
+*Example*: Create an output named `token` and pass the token ID received from the login API:
 
-To pass data from the **App to a JS module**, you can set **Inputs** parameters or pass it by calling the respective function with parameters, like `login([email protected], password@123)`.
+```js
+//token
+{{ authUtils.loginUser.data.token }}
+```
 
+The token can then be accessed in the parent app using `LoginModule1.outputs.token`.
 
-   <ZoomImage src="/img/inputs-js1.png" alt="" caption="" />
 
 </dd>
 
-4. Set the **onClick** event of the Submit/Login button to run the JS function.
+
+7. Publish the package.
+
+
+8. To integrate custom authentication into your app, open the application and navigate to the UI tab. Drag the login module onto the desired page and configure the appName and logoUrl inputs.
 
 <dd>
 
+Based on your application’s requirements, you can use the token output to store the login state, authorize API requests, or redirect users after successful authentication. To log out a user, call the revoke API to invalidate the access token, use the [clear store()](/reference/appsmith-framework/widget-actions/clear-store) action to remove stored user data, and redirect the user to the `LoginPage`.
 
 
-When the button is clicked, the JS module verifies whether the user's email exists in the database. If the email and password match, it redirects the user to a new page.
+</dd>
 
 
+With this setup, the login module can now securely authenticate users, dynamically adapt to different applications, and expose login state back to the parent app. Once a user logs in successfully, they are automatically navigated to the home page or any other page you specify through input configuration.
 
 
+If your application uses short-lived access tokens, consider implementing a refresh token strategy to maintain session continuity. For details on when and how to use refresh tokens, see the Refresh Token Handling Guide.
 
-</dd>
 
 
-To log out a user, call the revoke API to invalidate the access token, use the [clear store()](/reference/appsmith-framework/widget-actions/clear-store) action to remove stored user data, and redirect the user to the `LoginPage`.