Links

Session

Creating an ODD SDK session

Session

A session is an authenticated interaction between a user and an ODD program. Sessions are typically long-lived and are based on a user controlling a key pair.
The ODD SDK authenticates and authorizes a user who controls a key pair through:
  • WebCrypto. The browser WebCrypto API which supports non-exportable private keys.
  • WalletAuth. A browser extension that supports blockchain wallets through the ODD SDK WalletAuth plugin.
  • Requesting capabilities. Uses a WebCrypto key pair, but authorization must be requested from another app with equal or greater authority.

Creating a session

A session can be created through an Authentication Strategy or by Requesting Capabilities. We'll look at each of these approaches in upcoming sections, but for now here is the Session class they create:
export class Session {
#crypto: Crypto.Implementation
#storage: Storage.Implementation
fs?: FileSystem
type: string
username: string
...
}
A session includes a session type, username, and an optional filesystem.
The private crypto and storage fields are internal and can be ignored, but they give us an early hint of the ODD SDK component system described in the Components section.

Session Type

The session type indicates how the session was created. The possible types include webCrypto and capabilities.
WalletAuth uses a blockchain wallet but delegates to a WebCrypto key pair. As a result, the session type when using WalletAuth is webCrypto.

Username

A username selected by the user at registration. When requesting capabilities, the user will already have a username from the app where they originally registered.
The username is a wallet address when using WalletAuth.

File system

A WNFS instance. A filesystem is provided by default, but ODD SDK can be configured without WNFS through the Components API.

Session Event Listeners

An ODD program emits events when a session is created or destroyed.
program.on('session:create', ({ session }) => {
console.log('A session was created', session)
})
program.on('session:destroy', ({ username }) => {
console.log('A session was destroyed for username', username)
})