Sessions
All your users, when using TalkJS, will be logged in to a session. This is a bit like a login session in your own app, except that users don't directly log in to TalkJS. Instead, you ensure that users can only have a TalkJS session when they have a valid session in your app.
Creating a session is typically the first thing you'll do when using TalkJS from JavaScript:
1const me = new Talk.User({2 id: 12345,3 name: 'Dennis Vargas',4});5const session = new Talk.Session({6 appId: '<APP_ID>',7 me: me,8});
As you can see in the code example above, a session describes a connection between a user, your TalkJS account, and, implicitly, the browser or device the user is currently on.
You'll need to replace <APP_ID> with your TalkJS App ID. You can find your App ID in the Settings tab of the TalkJS dashboard.
We recommend that you start a TalkJS session right after the user logs in, on every page - even ones where users can't read or write messages. This way, TalkJS can show desktop notifications and trigger JavaScript events everywhere. This should not impact the performance of your app in any way because the core chat library is loaded asynchronously and very small.
If your app is a server-side rendered web app, we recommend that you start a session on every page load.
A session exists from creation until the user navigates away from the page or closes the tab.
If your app allows your user to log out without unloading the page, we recommend that you destroy the session using the session's destroy method.
TalkJS uses authentication (identity verification) to ensure that:
- The user is who they say they are
- The user has a valid login session on your app
This way, a TalkJS Session can only exist when the user is logged into your app, and not otherwise. We strongly recommend that you enable authentication so that accounts can't be hijacked.
| Field | Type | Description | Example |
|---|---|---|---|
Talk.User | The user currently logged in to your app. | new User({id: 12345, name: "Jeffrey"}) | |
string | Your TalkJS app ID, as found on the Settings page of your dashboard. Note: you have one appId for testing and development, and one for production. Ensure that you use the correct one. | "hF83jaq" | |
string | A token to authenticate the session with. Pass token if you use standard (non-refreshable) authentication. | "eyJhbGciOiJIUzI1NiJ9.eyJ0b2tlblR5cGUiOiJ1c2VyIiwiaXNzIjoiRVhBTVBMRV9BUFAiLCJzdWIiOiJFWEFNUExFX1VTRVIifQ.L2xKxkn0mpK46PKP_S384N0mT1Flog38NAaaiy3nG-I" | |
() => Promise<string> | A callback that fetches a new token from your backend and returns it. Pass tokenFetcher if you use authentication with refreshable tokens. | () => fetch("<ENDPOINT>") .then((res) => res.text()) | |
string | The HMAC-SHA256 hash of the current user id, signed with your TalkJS secret key. Pass signature if you use legacy signature-based authentication. | "65b7788eb354f80b581c0208fb22b1398b248e746a8439865a7b738b012bcef4" |
- The Talk.Session class in the JavaScript SDK reference
- Monitoring active user sessions using the REST API