Session Reference
Passage.js methods for managing user sessions on the client.
The Session class manages the auth token for the current user.
All methods are a part of the Session class which should be used as follows:
Session Methods
.getAuthToken()
Gets an active authentication token for the current authenticated user. The token is refreshed when it expires and is no longer active.
None. Checks local storage for a psg_auth_token to determine if an active authentication token is available. Checks local storage for a psg_refresh_token to determine if the authentication token can be refreshed.
.signOut()
Signs out the current authenticated user by clearing authentication tokens and revoking refresh tokens.
None. Revokes the refresh token associated with the device or browser in use.
.refresh()
Gets a new authentication token for the current authenticated user. In most use cases, .getAuthToken() should be preferred as a faster method, since it returns the same authentication token until the token expires.
None. Checks local storage for a psg_refresh_token to determine if the authentication token can be refreshed.
Helper Methods
.authGuard()
Checks if the current user has a valid JWT and be used as a route guard in a frontend application.
IMPORTANT: this does not fully verify the user's authentication and is not intended as a secure method to be used when make authorization decisions. This method should be used to provide a basic route guard that can improve user experience. To securely check if a user is properly authenticated, use the .userInfo() method.
None. Uses JWT provided during initialization or checks local storage for a psg_auth_token to determine the current user.
Last updated