Session Object

getUserId function: API Reference

let userId = $session->getUserId();

• This function does not do any database call.

getJWTPayload function: API Reference

let jwtPayload = $session->getJWTPayload();

• This function does not do any database call.

updateJWTPayload function: API Reference

$newData = ["key" => "value"];
$session->updateJWTPayload($newData);

• This function will change the current access token
• This function requires a database call each time it's called.

getSessionData function: API Reference

$sessionData = $session->getSessionData();

• This function requires a database call each time it's called.

updateSessionData function: API Reference

$newData = ["key" => "value"];
$session->updateSessionData($newData);

• This function overwrites the current session data stored for this session.
• This function requires a database call each time it's called.

revokeSession function: API Reference

$session->revokeSession();

• This function deletes the session from the database and clears relevant auth cookies
• If using blacklisting, this will immediately invalidate the JWT access token.

Example

Route::middleware("supertokens.middleware")->post("/test", function (Request $request) {
    $session = $request->supertokens;
    
    $userId = $session->getUserId();

    // update session info
    $sessionData = $session->getSessionData();
    $sessionData["newKey"] = "newVal";
    $session->updateSessionData($sessionData);

    // update jwt payload
    $payloadData = $session->getJWTPayload();
    $payloadData["newKey"] = "newVal";
    $session->updateJWTPayload($newPayload);

    // revoking session
    $session->revokeSession();

    return "";
});