Auth api upgrade

[kdbrian]

Currently, the Open Auth SDK requires developers to manually handle most session-related logic, such as token persistence, refresh, and sign-out. This increases boilerplate and risks mismanagement of authentication states across apps.

I’d like to recommend introducing self-managed session utilities, similar to how Firebase Auth handles sessions. This would simplify development and reduce errors by providing:

Proposed Improvements

• Automatic Session Persistence: SDK should handle storing and refreshing tokens internally.

• Utility Functions:

• • signIn(...) → handles authentication flow and session creation.
• • signOut() → clears local session and invalidates tokens.
• • getCurrentUser() → retrieves the currently signed-in user from cache/session.
• • resetPassword(email/phone) → provides a built-in password reset workflow.

• Session State Listener: Callback or observer that notifies when the session changes (e.g., sign-in, sign-out, token refresh).

Benefits

• Reduces boilerplate for developers.

• Prevents common mistakes in session handling.

• Creates a more consistent developer experience across platforms.

• Makes the SDK competitive with established solutions like Firebase Auth.

Would the team be open to considering this as part of the roadmap?