#How to create a session after creating a User?

I am building a Flask API and using the Appwrite SDK to build a API which I'll use with my frontend.

users.create_sha_user(user_id=username, email=email, password=password, name=name, password_version='sha256')

Now, that I have got a user created, how can the user login, which I guess is creating a session?

Creating session for user in Appwrite is done through the account API and requires user action in the frontend https://appwrite.io/docs/client/account

Are you referring to the option to create user session programmatically?
There is no direct way to achieve this.
You can see this message #1102768921846755432 message

I see, but how will sign in be done?

Email/User ID + Password?

Ohh sure,

So you can use the account api as such

const promise = account.createEmailSession('[email protected]', 'password');

See here for more details
https://appwrite.io/docs/client/account?sdk=web-default#accountCreateEmailSession

I guess that needs the user to click on a link received in email, right?

Typically, people create a front-end app and use a client SDK to create sessions.

You're building a Flask API so you have something between your front end and Appwrite

Thanks for your help, I'll try to sort this out ❤️

Assuming you want to make requests on behalf of a user in your Flask API, you would either need to manage sessions in your Flask API or offload authentication to the front end and then pass a JWT token to your Flask API.

I guess I can do it with the RUST API 😉

Yes, if you want to manage the session in your Flask API, you would have to manually make the REST API call to create the session. Then, you can extract the cookie and manage it in your Flask API

Thanks!

Should here I provide plain or encrypted password? In creating the user, I used a encrypted passwor

In what endpoint?

In /v1/account/sessions/email use plain password

Ok thanks!

@visual basalt Sorry for distrubing, I managed out to create a session, but where is the cookie located?

cookie = response['cookie']```

I hope if the documentation provided example responses, I will try to check myself 😉

PS. you better guys check this bug: https://github.com/appwrite/sdk-for-python/issues/58

See https://appwrite.io/docs/rest#client-auth. There's also the fallback header

I have sent a request with Insomnia, this is the response:

{
    "$id": "64650d9c6fdec65ec0e9",
    "$createdAt": "2023-05-17T17:23:40.545+00:00",
    "userId": "someone",
    "expire": "2023-05-18 17:23:40.458",
    "provider": "email",
    "providerUid": "[email protected]",
    "providerAccessToken": "",
    "providerAccessTokenExpiry": "",
    "providerRefreshToken": "",
    "ip": "1.1.1.1",
    "osCode": "",
    "osName": "",
    "osVersion": "",
    "clientType": "",
    "clientCode": "",
    "clientName": "",
    "clientVersion": "",
    "clientEngine": "",
    "clientEngineVersion": "",
    "deviceName": "",
    "deviceBrand": "",
    "deviceModel": "",
    "countryCode": "ae",
    "countryName": "The Unknown Country :)",
    "current": true
}```

What should I get from here?

Or should I get cookies?

I see, which one should I use? legacy ?

And how can I like use it to authenticate in front-end, like if I use NextJS?

@visual basalt

you would have to make sure your server-side code uses that cookie in requests

btw, it's helpful to have descriptive titles