User Setup & Tokens

LAST EDIT Feb 16 2021

Tokens are used to authenticate the user. Typically, you send this token from your backend to the client when a user registers or logs in. You generate tokens on your server.

Basic SetupCopied!

You can quickly setup the user with a Token that you already have from our Dashboard and quickly test your chat without thinking about getting a user token from your backend.

1
2
3
4
5
6
7
8
9
10
import StreamChat 
 
/// 1: Create a static token provider. Use it for testing purposes. 
let tokenProvider = TokenProvider.static(Token("{{ chat_user_token }}")) 
 
/// 2: Create a `ChatClientConfig` with the API key. 
let config = ChatClientConfig(apiKeyString: "{{ api_key }}") 
 
/// 3: Create a `ChatClient` instance with the config and the token provider. 
chatClient = ChatClient(config: config, tokenProvider: tokenProvider)

Token Provider - Closure (Recommended)Copied!

The Token Provider method will call your token service to get a token and finish user setup. You need to setup a callback with a tokenProvider function that you need to call when you get the token.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
import StreamChat 
 
/// 1: Create a token provider that fetches the token from your backend service. 
let tokenProvider = TokenProvider.closure { chatClient, completion in 
    let token: Token? = nil 
    let error: Error? = nil 
 
    /// TODO: Fetch a token locally or use URLSession/Alamofire/etc to fetch 
    /// a token from your backend service and pass it into completion 
 
    if let token = token { 
        completion(.success(token)) 
    } else if let error = error { 
        completion(.failure(error)) 
    } 
} 
 
/// 2: Create a `ChatClientConfig` with the API key. 
let config = ChatClientConfig(apiKeyString: "{{ api_key }}") 
 
/// 3: Create a `ChatClient` instance with the config and the token provider. 
chatClient = ChatClient(config: config, tokenProvider: tokenProvider)

Expiring TokensCopied!

By default, user tokens are valid indefinitely. Use Token Provider - Closure method to setup a user with an expiring token. Token Provider will call your token service automatically to refresh it when the user token is expired and resume all queued requests with refreshed token.

Development TokenCopied!

For development applications, it is possible to disable token authentication and use client-side generated tokens.

⚠️ Disabling auth checks is not suitable for a production application and should only be done for proofs-of-concept and applications in the early development stage.

To enable development tokens, you need to change your application configuration in our Dashboard.

1
2
3
4
5
6
7
8
9
10
import StreamChat 
 
/// 1: Create a development token provider. Use it for testing purposes. 
let tokenProvider = TokenProvider.development(userId: "john-doe") 
 
/// 2: Create a `ChatClientConfig` with the API key. 
let config = ChatClientConfig(apiKeyString: "{{ api_key }}") 
 
/// 3: Create a `ChatClient` instance with the config and the token provider. 
chatClient = ChatClient(config: config, tokenProvider: tokenProvider)

Guest UsersCopied!

Guest sessions can be created client-side and do not require any server-side authentication.

Guest users have a limited set of permissions. You can read more about how to configure permissions here.

1
2
3
4
5
6
7
8
9
10
import StreamChat 
 
/// 1: Create a guest token provider. 
let tokenProvider = TokenProvider.guest(userId: "john-doe") 
 
/// 2: Create a `ChatClientConfig` with the API key. 
let config = ChatClientConfig(apiKeyString: "{{ api_key }}") 
 
/// 3: Create a `ChatClient` instance with the config and the token provider. 
chatClient = ChatClient(config: config, tokenProvider: tokenProvider)

Anonymous UsersCopied!

If a user is not logged in, you can initialize the client with an anonymous token provider. While you’re anonymous, you can’t do much, but for the livestream channel type, you’re still allowed to read the chat conversation.

1
2
3
4
5
6
7
8
9
10
import StreamChat 
 
/// 1: Create an anonymous token provider. 
let tokenProvider = TokenProvider.anonymous 
 
/// 2: Create a `ChatClientConfig` with the API key. 
let config = ChatClientConfig(apiKeyString: "CHAT_USER_TOKEN") 
 
/// 3: Create a `ChatClient` instance with the config and the token provider. 
chatClient = ChatClient(config: config, tokenProvider: tokenProvider)

Creating UsersCopied!

You might want to have a quick way of creating user tokens during development, and may not want to use stream js backend components or stream-cli. In that case, you can use this code snippet to create user tokens.

In your Podfile:

1
pod 'SwiftJWT'

wherever you'd like to generate tokens:

1
2
3
4
5
6
7
8
9
10
11
import SwiftJWT 
private func generateUserToken(for userId: String, from apiSecret: String) throws -> String { 
    let header = Header() 
    let claims = StreamClaims(user_id: userId) 
    var jwt = JWT(header: header, claims: claims) 
    guard let secretData = apiSecret.data(using: .utf8) else { 
        throw NSError(domain: "jwtTokenError", code: -1, userInfo: nil) 
    } 
    let jwtSigner = JWTSigner.hs256(key: secretData) 
    return try jwt.sign(using: jwtSigner).string 
}

Then you can use TokenProvider.static function, and your user will be generated automatically on stream backend.