{
plyrId: string; // Player ID (lowercase)
otp: string; // 2FA token
expiresIn?: number; // Session expiration in seconds (optional, defaults to 86400s/24hrs)
gameId: string; // Game identifier
}
{
sessionJwt: string;
plyrId: string;
nonce: string;
gameId: string;
primaryAddress: string;
mirrorAddress: string;
}
const timestamp = Date.now().toString();
const body = {
plyrId: 'player123',
otp: '123456', // 2FA token from authenticator app
expiresIn: 3600, // Session will expire in 1 hour
gameId: 'game123' // Your game's identifier
};
const hmac = generateHmacSignature(timestamp, body, secretKey);
const response = await axios.post(apiEndpoint + '/user/login', body, {
headers: {
apikey: apiKey,
signature: hmac,
timestamp: timestamp
}
});
// Store session information securely
const {
sessionJwt, // JWT token for future API calls
plyrId, // Player's ID
nonce, // Unique nonce for this session
gameId, // Game identifier
primaryAddress, // User's primary wallet address
mirrorAddress // User's mirror wallet address
} = response.data;
// Use sessionJwt for subsequent authenticated API calls