Server-side SDK for Spawn game development platform.
npm install @spawnco/server @spawnco/sdk-types
# or
bun add @spawnco/server @spawnco/sdk-typesThe server SDK provides token verification for authenticating users in your game server:
import { createSDK } from "@spawnco/server";
// Create SDK instance with environment configuration
const sdk = createSDK({
// For HS256 tokens (default)
SUPABASE_JWT_SECRET: process.env.SUPABASE_JWT_SECRET,
// For RS256 tokens (recommended for production)
RSA_PUBLIC_KEY: process.env.RSA_PUBLIC_KEY,
});
// In your WebSocket handler or API endpoint
async function handleConnection(token: string) {
const result = await sdk.user.token.verify(token);
if (!result.valid) {
throw new Error("Invalid token");
}
// Access user information
const { user, expires, payload } = result;
console.log(`User ${user.username} connected`);
console.log(`Token expires at ${expires}`);
console.log(`Variant ID: ${payload.variantId}`);
}Verified tokens include the following information:
interface TokenPayload {
sub: string; // User ID
variantId: string; // Game variant ID
email?: string; // User email
username?: string; // User display name
isGuest: boolean; // Whether user is anonymous
iat: number; // Issued at timestamp
exp: number; // Expiration timestamp
}The SDK supports two token signing algorithms:
-
HS256 (Symmetric): Uses
SUPABASE_JWT_SECRET -
RS256 (Asymmetric): Uses
RSA_PUBLIC_KEYfor verification
The algorithm is automatically detected based on the token header.
The v1 SDK will include additional modules:
- Economy (purchase redemption)
- Inventory (currency and item management)
- Storage (room-based persistence)
See the @spawnco/sdk-types package for the full API surface.