• Public
  • Public/Protected
  • All

Class UserSession

Represents an instance of a signed in user for a particular app.

A signed in user has access to two major pieces of information about the user, the user's private key for that app and the location of the user's gaia storage bucket for the app.

A user can be signed in either directly through the interactive sign in process or by directly providing the app private key.


  • UserSession






appConfig: AppConfig




  • decryptContent(content: string, options?: undefined | { privateKey?: undefined | string }): Promise<Buffer | string>
  • Decrypts data encrypted with encryptContent with the transit private key.


    • content: string

      encrypted content.

    • Optional options: undefined | { privateKey?: undefined | string }

    Returns Promise<Buffer | string>

    decrypted content.



  • generateAndStoreTransitKey(): string
  • Generates a ECDSA keypair to use as the ephemeral app transit private key and store in the session.

    Returns string

    the hex encoded private key


  • getAuthResponseToken(): string


  • handlePendingSignIn(authResponseToken?: string): Promise<UserData>
  • Try to process any pending sign in request by returning a Promise that resolves to the user data object if the sign in succeeds.


    • Default value authResponseToken: string = this.getAuthResponseToken()

      the signed authentication response token

    Returns Promise<UserData>

    that resolves to the user data object if successful and rejects if handling the sign in request fails or there was no pending sign in request.


  • isSignInPending(): boolean
  • Check if there is a authentication request that hasn't been handled.

    Also checks for a protocol echo reply (which if detected then the page will be automatically redirected after this call).

    Returns boolean

    true if there is a pending sign in, otherwise false


  • isUserSignedIn(): boolean



  • makeAuthRequest(transitKey?: undefined | string, redirectURI?: undefined | string, manifestURI?: undefined | string, scopes?: (AuthScope | string)[], appDomain?: undefined | string, expiresAt?: number, extraParams?: any): string
  • Generates an authentication request that can be sent to the Blockstack browser for the user to approve sign in. This authentication request can then be used for sign in by passing it to the [[redirectToSignInWithAuthRequest]] method.

    Note: This method should only be used if you want to use a customized authentication flow. Typically, you'd use [[redirectToSignIn]] which is the default sign in method.


    • Optional transitKey: undefined | string

      A HEX encoded transit private key.

    • Optional redirectURI: undefined | string

      Location to redirect the user to after sign in approval.

    • Optional manifestURI: undefined | string

      Location of this app's manifest file.

    • Optional scopes: (AuthScope | string)[]

      The permissions this app is requesting. The default is store_write.

    • Optional appDomain: undefined | string

      The origin of the app.

    • Default value expiresAt: number = nextHour().getTime()

      The time at which this request is no longer valid.

    • Default value extraParams: any = {}

      Any extra parameters to pass to the authenticator. Use this to pass options that aren't part of the Blockstack authentication specification, but might be supported by special authenticators.

    Returns string

    the authentication request


  • signUserOut(redirectURL?: undefined | string): void
  • Sign the user out and optionally redirect to given location.


    • Optional redirectURL: undefined | string

      Location to redirect user to after sign out. Only used in environments with window available

    Returns void

Generated using TypeDoc