Moca Network Docs

Appearance

User Login & Sessions

AIR Kit provides out of the box authentication of users. You may use AIR Kit’s authentication system, or use your existing authentication. By using AIR Kit’s authentication, your users will be able to use one single login across our Ecosystem.

Using AIR Kit as your authentication provider

By default, we provide the following methods for users:

  • Google Login
  • Passwordless Email Login
  • Wallet Login (coming soon)
tsx
login(options?: { authToken?: string; })
: Promise<AirLoginResult>
  • authToken : (highly recommended but optional) pass in your Partner JWT via the parameter with your partnerId inside the payload.
  • This would trigger the AIR Kit login dialog with built-in login methods for the user to choose from.

Custom Auth (Bring your own Auth)

Instead of using AIR Kit as your authentication provider, AIR Kit supports users that have been already authenticated by your system to skip logging in again when using AIR Kit.

To achieve this, pass in additional properties in the Partner JWT during login() , specifically email and partnerUserId .

When an email is provided, we will verify via a one-time password sent to the specified email since it is used as an identifier in the AIR ecosystem.

An example JWT looks like following:

json
{
  "partnerId": "YOUR PARTNER ID",
  "partnerUserId": "YOUR USER ID", // optional
  "email": "YOUR USER EMAIL", // optional
  "exp": 1728973684,
  "iat": 1728970084
}

User Sessions

After successful login, an AirLoginResult object will be returned, which also contains a property token generated by us containing the following information:

json
{
  sub: string,
  abstractAccountAddress: string,
  partnerId: string,
  partnerUserId?: string,
  sourcePartnerId?: string
}

This token can be used in the future to query some of our sdk functions.

You may validate our token by using the following JWKS endpoint: https://static.air3.com/.well-known/jwks.json

Session Management

AIR Kit automatically handles session management out of the box. When users return to your app, they would be automatically logged in provided that they have not logged out in the last 30 days.

  • To require users to log in every time they visit your app, set skipRehydration to true when initializing the SDK.
  • Call isLoggedIn to check the login state of a user.
  • To log out, call logout()