Session nodes are a specialized node type which the session manager uses to prepare each actor’s session data. Each session node corresponds to an entry in the current actors session data. If a key is defined, the data will be accessible on the SESSION_DATA object. Session nodes also have a lifetime, which can be used to automatically expire stale data as needed.

title

Whenever a session node is hit, the current actor’s session data is evaluated to determine if they have a valid value for the corresponding session data entry. If the key is present and not expired, the “SESSION_DATA found” output is selected. If the current actor does not have a valid value for the session data entry, the “SESSION_DATA missing” output is selected. The final return value of the subgraph attached to the “SESSION_DATA missing” handle will be written to the session data entry, and the control will then advance to the “found” handle.

The simplest example to illustrate the purpose of the session manager is registering for an account, and then signing into the account. Each actor should have one account on your service, and that account must be created before any authorization requests can happen.

title

The “registration” node here is evaluated. If an actor has never registered it will trigger the “missing” output. It will then execute the “register” node, which creates an account on your service. If you return a user ID, the actor can write that to the session data, to use in later flows if needed.

Use the actors profile info like ACTOR.username, ACTOR.email, ACTOR.phone_number, and ACTOR.password.

On a subsequent run for the same actor, the “registration” node will first be evaluated again. As the actor already has a session data entry, it will instead trigger the “found” node, letting it skip directly to the next step.

title

Next, the “authentication” session node will be evaluated. This enables the actor to log in to the account they created on your service, and to obtain an auth token for subsequent authenticated API requests. If the actor does not have a valid session data entry, the “missing” output will be selected. In the “authenticate” code node, the actor will communicate with your API to obtain a session token. Once the token is returned from this node, the value will be stored in the actor’s session data, and will be accessible at the SESSION_DATA.token value. On subsequent runs the actor will reuse the token value, until the key eventually expires.

Set the lifetime to a duration shorter than the TTL of your session token expiration window