> ## Documentation Index
> Fetch the complete documentation index at: https://www.cometchat.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Authentication

> CometChat Calling SDK v5 - Authentication for JavaScript

Before users can make or receive calls, they must be authenticated with the CometChat Calls SDK. This guide covers the login and logout methods.

<Note>
  **Sample Users**

  CometChat provides 5 test users: `cometchat-uid-1`, `cometchat-uid-2`, `cometchat-uid-3`, `cometchat-uid-4`, and `cometchat-uid-5`.
</Note>

## Check Login Status

Before calling `login()`, check if a user is already logged in using `getLoggedInUser()`. The SDK maintains the session internally, so you only need to login once per user session.

```javascript theme={null}
const loggedInUser = CometChatCalls.getLoggedInUser();

if (loggedInUser) {
  // User is already logged in
  console.log("User already logged in:", loggedInUser.uid);
} else {
  // No user logged in, proceed with login
}
```

The `getLoggedInUser()` method returns a user object if a user is logged in, or `null` if no session exists.

## Login with UID and API Key

This method is suitable for development and testing. For production apps, use [Auth Token login](#login-with-auth-token) instead.

<Warning>
  **Security Notice**

  Using the API Key directly in client code is not recommended for production. Use Auth Token authentication for enhanced security.
</Warning>

```javascript theme={null}
const uid = "cometchat-uid-1"; // Replace with your user's UID
const apiKey = "API_KEY"; // Replace with your API Key

if (!CometChatCalls.getLoggedInUser()) {
  try {
    const user = await CometChatCalls.login(uid, apiKey);
    console.log("Login successful:", user.uid);
  } catch (error) {
    console.error("Login failed:", error.errorDescription);
  }
} else {
  // User already logged in
}
```

| Parameter | Type   | Description                                |
| --------- | ------ | ------------------------------------------ |
| `uid`     | String | The unique identifier of the user to login |
| `apiKey`  | String | Your CometChat API Key                     |

## Login with Auth Token

This is the recommended authentication method for production applications. The Auth Token is generated server-side, keeping your API Key secure.

### Auth Token Flow

1. User authenticates with your backend
2. Your backend calls the [CometChat Create Auth Token API](https://api-explorer.cometchat.com/reference/create-authtoken)
3. Your backend returns the Auth Token to the client
4. Client uses the Auth Token to login

```javascript theme={null}
const authToken = "AUTH_TOKEN"; // Token received from your backend

try {
  const user = await CometChatCalls.loginWithAuthToken(authToken);
  console.log("Login successful:", user.uid);
} catch (error) {
  console.error("Login failed:", error.errorDescription);
}
```

| Parameter   | Type   | Description                            |
| ----------- | ------ | -------------------------------------- |
| `authToken` | String | Auth Token generated via CometChat API |

## User Object

On successful login, the method returns a user object containing user information:

| Property    | Type   | Description                    |
| ----------- | ------ | ------------------------------ |
| `uid`       | String | Unique identifier of the user  |
| `name`      | String | Display name of the user       |
| `avatar`    | String | URL of the user's avatar image |
| `status`    | String | User's online status           |
| `authToken` | String | The user's auth token          |

## Check User Login Status

You can verify if a user is currently logged in:

```javascript theme={null}
const isLoggedIn = CometChatCalls.isUserLoggedIn();

if (isLoggedIn) {
  // User is logged in
} else {
  // User is not logged in
}
```

## Get User Auth Token

Retrieve the auth token of the currently logged-in user:

```javascript theme={null}
const authToken = CometChatCalls.getUserAuthToken();

if (authToken) {
  console.log("User auth token:", authToken);
}
```

## Logout

Call `logout()` when the user signs out of your application. This clears the local session and disconnects from CometChat services.

```javascript theme={null}
try {
  const message = await CometChatCalls.logout();
  console.log("Logout successful:", message);
} catch (error) {
  console.error("Logout failed:", error.errorDescription);
}
```

## Error Handling

Common authentication errors:

| Error Code                   | Description                                  |
| ---------------------------- | -------------------------------------------- |
| `ERROR_INVALID_UID`          | The provided UID is empty or invalid         |
| `ERROR_UID_WITH_SPACE`       | The UID contains spaces (not allowed)        |
| `ERROR_API_KEY_NOT_FOUND`    | The API Key is missing or invalid            |
| `ERROR_BLANK_AUTHTOKEN`      | The Auth Token is empty                      |
| `ERROR_AUTHTOKEN_WITH_SPACE` | The Auth Token contains spaces (not allowed) |
| `ERROR_LOGIN_IN_PROGRESS`    | A login operation is already in progress     |
| `ERROR_SDK_NOT_INITIALIZED`  | SDK not initialized - call `init()` first    |
| `ERROR_NO_USER_LOGGED_IN`    | No user is currently logged in (for logout)  |