Expand description
Session management for authenticated Joy operations.
Sessions are time-limited tokens stored locally in ~/.config/joy/sessions/.
They prove that the user has entered their passphrase and derived the correct
identity key within the configured time window.
Structs§
- Session
Claims - Claims encoded in a session token.
- Session
Token - A session token: claims + Ed25519 signature.
Constants§
- SESSION_
ENV_ PREFIX - Prefix for the
JOY_SESSIONenv var value (ADR-033).
Functions§
- create_
session - Create a session token signed by the identity keypair.
- create_
session_ for_ ai - Create a session for an AI member with an ephemeral keypair (ADR-033).
- current_
tty - Detect the current terminal device for session binding.
- encode_
session_ env - Encode a
JOY_SESSIONenv var value from the session id (hex) and the 32-byte ephemeral private key. Layout of the decoded payload:[sid_raw 12 bytes][ephemeral_private 32 bytes], base64-encoded. - load_
session - Load a session token from disk for a specific member, if it exists.
- load_
session_ by_ id - Load a session by its opaque ID (the JOY_SESSION value).
- parse_
session_ env - Parse a
JOY_SESSIONenv var value produced byencode_session_env. Returns(sid_hex, ephemeral_private_bytes)or None on malformed input. - project_
id - Derive a stable project ID from project name and acronym.
- project_
id_ of - Same as
project_idbut operates on an in-memoryProject. Useful when the caller needs both the pre- and post-mutation id (e.g. acronym rename migrations) without re-reading the yaml. - remove_
session - Remove a session token from disk for a specific member.
- save_
session - Save a session token to disk.
- session_
id - The session ID: a short, deterministic, opaque identifier for a session.
Used as the filename stub for the session file and as part of the
JOY_SESSIONenv var payload. - validate_
session - Validate a session token against a public key and project ID.