loginis the easiest way to use Picket with your web, mobile, or native application. This enables you to securely login users via their wallet with a single line of code.
logoutdeletes the cached user's access token.
authStatereturns the user's current authorization state.
accessTokenand information. If the user is logged out, the
authStatewill be null.
connectis a convenience function for connecting to a wallet provider.
connectsupports two different message formats
Simpleis the default message format. To change the message format to SIWE, you can use the
contextfield in the function result. Unlike the the simple signing message format, in
SIWEthe browser adds information to the message. The
contextfield provides the additional client-side information for the SIWE message, so the server can re-create the message and verify the signature.
connectis configured to allow user to connect via inject providers (Metamask, Brave, etc), WalletConnect, and Coinbase Wallet with a public Ethereum node provider. If you want to modify the Web3Modal providers option, then you can pass through a
ConnectProviderOptionsconfiguration when you instantiate Picket.
nonceis random value generated by the Picket API to that user must sign to prove ownership a wallet address. The
noncegeneration and signature verification for you. You'll only need to use
nonceif you'd like to implement your own wallet authentication flow.
nonceis unique to a project and wallet address. If a
noncedoesn't exist for the project and wallet address, Picket will generate a new
nonce; otherwise, Picket will return the existing nonce. A
nonceis valid for two minutes before self-destructing.
validatevalidates an access token. This is helpful to ensure that cached local token is still valid when the app loads. The
picket-jslibrary automatically validates access tokens when they are loaded from the local storage cache.
validatereturns the decoded claims of the access token.
picket.loginWithRedirectimplements the PKCE flow. In this flow the user is redirected back to a whitelisted redirect URI after authentication, so there are two steps the process 1) authenticate the user 2) handle the login redirect, also known as the login callback.
picket.loginWithRedirectwill redirect back to the same location (
window.location.href) as the initial login request. If you'd like your user to be redirected to a different page, you can pass in additional options
picket.loginWithPopupis an alternative implementation of the PKCE flow that uses a popup rather than a redirect to securely authenticate users. The lack of redirects is convenient from a user experience perspective, but popups are often blocked by browsers, especially on mobile browsers. If you use this method, warn your users to enable popups on their browser if the flow fails.