authenticate`

/sonolus/authenticate allows Sonolus app to establish an authentication session.

Query Parameters

None.

Request Headers

Header	Value	Description
`Sonolus-Signature`	`string`	See `Sonolus-Signature`.

Request Body

type AuthenticateServerRequest = {
    type: 'authenticateServer'
    address: string
    time: number
    userProfile: UserProfile
}

`type`

Server should verify that type equals to 'authenticateServer'.

`address`

Server should verify that address matches server address.

`time`

Server should verify that time is recent.

Response Code

Code	Description
`200 OK`
`401 Unauthorized`	Authentication rejected.

Response Headers

Header	Value	Description
`Sonolus-Version`	`string`	Optional, see `Sonolus-Version`.

Response Body

type AuthenticateServerResponse = {
    session: string
    expiration: number
}

`session`

Server defined session information.

`expiration`

Session expiration time, in Unix timestamp in milliseconds.

Session should be short lived, recommended 30 minutes or less. Once expired, Sonolus app will initiate re-authentication process automatically.

Examples

{
    "session": "...",
    "expiration": 1640995200000
}

Remarks

Server should verify that request body is authentic using Sonolus-Signature request header.

# POST /sonolus/authenticate

# Query Parameters

# Request Headers

# Request Body

# type

# address

# time

# Response Code

# Response Headers

# Response Body

# session

# expiration

# Examples

# Remarks