Private Static ReadonlyLOCK_Private Static ReadonlyLOCK_Private Static ReadonlyREFRESH_StaticclearStaticclearClear saved session from disk
StaticgetGet an existing session or create a new one via SRP authentication. This method implements session reuse: if a valid session exists, it is returned immediately without performing SRP auth. This significantly reduces auth overhead.
Username for authentication (if new session needed)
Password for authentication (if new session needed)
If true, validates existing session with an API call
Valid session (existing or newly created)
StaticgetGet session directory path
Path to session directory
StaticgetGet session file path
Path to session file
StaticgetGet a valid session, proactively refreshing tokens if they are expiring soon. This method should be called before operations to ensure the token is valid for the duration of the operation (preventing mid-operation expiration).
Valid session or null if no session exists
StatichashHash a username for session identity comparison. Uses SHA-256 of the lowercased, trimmed username.
StatichasCheck if a valid session exists
True if a valid session exists
Private StaticisCheck if a session token is expiring soon (within REFRESH_THRESHOLD_MS).
Session to check
True if token expires within the threshold
StaticisCheck if the current session belongs to a specific user. Returns true if a valid session exists AND its userHash matches. Returns false if no session exists, session is invalid, or hash doesn't match. Legacy sessions without userHash are treated as matching (backward compat).
Private StaticisValidate session object has all required fields
Session object to validate
True if session is valid
StaticloadLoad cached crypto-init API responses (keySalts, user, addresses). Returns null if cache is missing, corrupted, or belongs to a different session.
StaticloadLoad session credentials from disk
Session credentials or null if not found
Private StaticrefreshRefresh session tokens using the refresh token. Updates the session file with new tokens and expiration time.
Current session to refresh
Updated session with new tokens
StaticsaveSave crypto-init API responses to disk. Tied to the current session UID so it auto-invalidates on re-login.
StaticsaveSave session credentials to disk with file locking.
Session credentials to save
StaticvalidateValidate a session by checking token expiration and optionally making a lightweight API call.
Session to validate
If true, makes an API call to verify the session is valid on the server
True if session is valid
Private Staticwith
Clear the crypto cache (e.g. on logout or session change).