-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[#25] [#36] [Backend] As a user, I can automatically re-authenticate if my access token expires [Backend] As a user, when I am unauthenticated I can see the Login page [#24] [Backend] As a user, when I am authenticated I can see my profile image at the top of all pages #34
base: feature/21-backend-login-email-password
Are you sure you want to change the base?
[#25] [#36] [Backend] As a user, I can automatically re-authenticate if my access token expires [Backend] As a user, when I am unauthenticated I can see the Login page [#24] [Backend] As a user, when I am authenticated I can see my profile image at the top of all pages #34
Conversation
✅ Deploy Preview for moonlit-buttercream-05cb2f ready!
To edit notification comments on pull requests, go to your Netlify site settings. |
3bc55ab
to
76a6a04
Compare
76a6a04
to
5f1297c
Compare
694e8e8
to
ceffe70
Compare
5f1297c
to
1385ce6
Compare
c8e90ca
to
6cba1d1
Compare
caf1305
to
a1ec66d
Compare
6cba1d1
to
e3b555e
Compare
a1ec66d
to
06139d8
Compare
e1cfc27
to
949171a
Compare
}; | ||
/* eslint-enable camelcase */ | ||
|
||
return this.prototype.postRequest('oauth/token', { data: requestParams }); | ||
} | ||
|
||
static loginWithRefreshToken(refreshToken: string) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we rename this function? Because user won't login after running this function but get the new access token.
static loginWithRefreshToken(refreshToken: string) { | |
static refreshAccessToken(refreshToken: string) { | |
static refreshUserToken(refreshToken: string) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I named it this because the only difference between the login and refresh-token endpoint is we are sending a refresh_token
instead of email/password
, otherwise endpoint and response are identical.
I also deemed "login" just to be storing token in localstorage from endpoint response which is what both do.
Do you still think it's better to change it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In my opinion, the user needs to log in with their email/password first before they get a refresh token. The user can't initially log in with a refresh token. So to get a new access token, it sounds like the user refreshes the token, not re-login.
Anyway I don't have a strong opinion about this one, I am fine with both name 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't think of that - you're right there's no way to get a refresh_token without logging in first, so I will change the name 👍 @hanam1ni
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What happened 👀
access_token
inAuthorization
header on all requestsacces_token
using refresh token upon401
error, if token doesn't exist then redirect tologin
page.I have some Tests for Axios Interceptors (in requestManager) but I couldn't mock the Interceptor for fetching new token using refresh in RequestManager on error response. For some reason I could not assert the storage was called with the new access token, it kept saying it wasn't called because the re-fetch for new token errors out. it's situated on line
165
inrequestManager.test.ts
withxit
Insight 📝
Proof Of Work 📹
Show us the implementation: screenshots, GIFs, etc.