Options
All
  • Public
  • Public/Protected
  • All
Menu

Class default

Hierarchy

  • default

Index

Constructors

Properties

Methods

Constructors

constructor

Properties

Static Error

Error: typeof default = SuperTokensError

Static init

init: ((config?: TypeInput) => RecipeListFunction) = Recipe.init

Type declaration

    • (config?: TypeInput): RecipeListFunction

    • Parameters

      • Optional config: TypeInput

      Returns RecipeListFunction

Methods

Static createJWT

  • createJWT(payload?: any, validitySeconds?: number, useStaticSigningKey?: boolean, userContext?: Record<string, any>): Promise<{ jwt: string; status: "OK" } | { status: "UNSUPPORTED_ALGORITHM_ERROR" }>

  • Parameters

    • Optional payload: any
    • Optional validitySeconds: number
    • Optional useStaticSigningKey: boolean
    • Optional userContext: Record<string, any>

    Returns Promise<{ jwt: string; status: "OK" } | { status: "UNSUPPORTED_ALGORITHM_ERROR" }>

Static createNewSession

  • createNewSession(req: any, res: any, tenantId: string, recipeUserId: RecipeUserId, accessTokenPayload?: any, sessionDataInDatabase?: any, userContext?: Record<string, any>): Promise<SessionContainer>

Static createNewSessionWithoutRequestResponse

  • createNewSessionWithoutRequestResponse(tenantId: string, recipeUserId: RecipeUserId, accessTokenPayload?: any, sessionDataInDatabase?: any, disableAntiCsrf?: boolean, userContext?: Record<string, any>): Promise<SessionContainer>

Static fetchAndSetClaim

  • fetchAndSetClaim(sessionHandle: string, claim: SessionClaim<any>, userContext?: Record<string, any>): Promise<boolean>

Static getAllSessionHandlesForUser

  • getAllSessionHandlesForUser(userId: string, fetchSessionsForAllLinkedAccounts?: boolean, tenantId?: string, userContext?: Record<string, any>): Promise<string[]>

  • Parameters

    • userId: string
    • fetchSessionsForAllLinkedAccounts: boolean = true
    • Optional tenantId: string
    • Optional userContext: Record<string, any>

    Returns Promise<string[]>

Static getClaimValue

  • getClaimValue<T>(sessionHandle: string, claim: SessionClaim<T>, userContext?: Record<string, any>): Promise<{ status: "SESSION_DOES_NOT_EXIST_ERROR" } | { status: "OK"; value: undefined | T }>

  • Type Parameters

    • T

    Parameters

    • sessionHandle: string
    • claim: SessionClaim<T>
    • Optional userContext: Record<string, any>

    Returns Promise<{ status: "SESSION_DOES_NOT_EXIST_ERROR" } | { status: "OK"; value: undefined | T }>

Static getJWKS

  • getJWKS(userContext?: Record<string, any>): Promise<{ keys: JsonWebKey[] }>

Static getOpenIdDiscoveryConfiguration

  • getOpenIdDiscoveryConfiguration(userContext?: Record<string, any>): Promise<{ issuer: string; jwks_uri: string; status: "OK" }>

Static getSession

Static getSessionInformation

  • getSessionInformation(sessionHandle: string, userContext?: Record<string, any>): Promise<undefined | SessionInformation>

Static getSessionWithoutRequestResponse

  • getSessionWithoutRequestResponse(accessToken: string, antiCsrfToken?: string): Promise<SessionContainer>
  • getSessionWithoutRequestResponse(accessToken: string, antiCsrfToken?: string, options?: VerifySessionOptions & { sessionRequired?: true }, userContext?: Record<string, any>): Promise<SessionContainer>
  • getSessionWithoutRequestResponse(accessToken: string, antiCsrfToken?: string, options?: VerifySessionOptions & { sessionRequired: false }, userContext?: Record<string, any>): Promise<undefined | SessionContainer>
  • getSessionWithoutRequestResponse(accessToken: string, antiCsrfToken?: string, options?: VerifySessionOptions, userContext?: Record<string, any>): Promise<undefined | SessionContainer>

  • Tries to validate an access token and build a Session object from it.

    Notes about anti-csrf checking:

    • if the antiCsrf is set to VIA_HEADER in the Session recipe config you have to handle anti-csrf checking before calling this function and set antiCsrfCheck to false in the options.
    • you can disable anti-csrf checks by setting antiCsrf to NONE in the Session recipe config. We only recommend this if you are always getting the access-token from the Authorization header.
    • if the antiCsrf check fails the returned satatus will be TRY_REFRESH_TOKEN_ERROR

    Results: OK: The session was successfully validated, including claim validation CLAIM_VALIDATION_ERROR: While the access token is valid, one or more claim validators have failed. Our frontend SDKs expect a 403 response the contents matching the value returned from this function. TRY_REFRESH_TOKEN_ERROR: This means, that the access token structure was valid, but it didn't pass validation for some reason and the user should call the refresh API. You can send a 401 response to trigger this behaviour if you are using our frontend SDKs UNAUTHORISED: This means that the access token likely doesn't belong to a SuperTokens session. If this is unexpected, it's best handled by sending a 401 response.

    Parameters

    • accessToken: string

      The access token extracted from the authorization header or cookies

    • Optional antiCsrfToken: string

      The anti-csrf token extracted from the authorization header or cookies. Can be undefined if antiCsrfCheck is false

    Returns Promise<SessionContainer>

  • Parameters

    • accessToken: string
    • Optional antiCsrfToken: string
    • Optional options: VerifySessionOptions & { sessionRequired?: true }
    • Optional userContext: Record<string, any>

    Returns Promise<SessionContainer>

  • Parameters

    • accessToken: string
    • Optional antiCsrfToken: string
    • Optional options: VerifySessionOptions & { sessionRequired: false }
    • Optional userContext: Record<string, any>

    Returns Promise<undefined | SessionContainer>

  • Parameters

    • accessToken: string
    • Optional antiCsrfToken: string
    • Optional options: VerifySessionOptions
    • Optional userContext: Record<string, any>

    Returns Promise<undefined | SessionContainer>

Static mergeIntoAccessTokenPayload

  • mergeIntoAccessTokenPayload(sessionHandle: string, accessTokenPayloadUpdate: JSONObject, userContext?: Record<string, any>): Promise<boolean>

Static refreshSession

  • refreshSession(req: any, res: any, userContext?: Record<string, any>): Promise<SessionContainer>

Static refreshSessionWithoutRequestResponse

  • refreshSessionWithoutRequestResponse(refreshToken: string, disableAntiCsrf?: boolean, antiCsrfToken?: string, userContext?: Record<string, any>): Promise<SessionContainer>

Static removeClaim

  • removeClaim(sessionHandle: string, claim: SessionClaim<any>, userContext?: Record<string, any>): Promise<boolean>

Static revokeAllSessionsForUser

  • revokeAllSessionsForUser(userId: string, revokeSessionsForLinkedAccounts?: boolean, tenantId?: string, userContext?: Record<string, any>): Promise<string[]>

  • Parameters

    • userId: string
    • revokeSessionsForLinkedAccounts: boolean = true
    • Optional tenantId: string
    • Optional userContext: Record<string, any>

    Returns Promise<string[]>

Static revokeMultipleSessions

  • revokeMultipleSessions(sessionHandles: string[], userContext?: Record<string, any>): Promise<string[]>

Static revokeSession

  • revokeSession(sessionHandle: string, userContext?: Record<string, any>): Promise<boolean>

Static setClaimValue

  • setClaimValue<T>(sessionHandle: string, claim: SessionClaim<T>, value: T, userContext?: Record<string, any>): Promise<boolean>

  • Type Parameters

    • T

    Parameters

    • sessionHandle: string
    • claim: SessionClaim<T>
    • value: T
    • Optional userContext: Record<string, any>

    Returns Promise<boolean>

Static updateSessionDataInDatabase

  • updateSessionDataInDatabase(sessionHandle: string, newSessionData: any, userContext?: Record<string, any>): Promise<boolean>

Static validateClaimsForSessionHandle

Generated using TypeDoc