ElyBy-Mirror/accounts-frontend
1
0
Fork 0
mirror of https://github.com/elyby/accounts-frontend.git synced 2024-11-10 01:52:04 +05:30
Code Issues Packages Projects Releases Wiki Activity
200a1f339f
accounts-frontend/src/components/user/middlewares/refreshTokenMiddleware.js

98 lines
2.8 KiB
JavaScript
Raw Normal View History

#186: Decouple user middlewares from user actions
2016-08-08 00:47:58 +05:30
import authentication from 'services/api/authentication';
import {updateUser, logout} from '../actions';
/**
* Ensures, that all user's requests have fresh access token
*
* @param {object} store - redux store
* @param {function} store.getState
* @param {function} store.dispatch
*
* @return {object} - request middleware
*/
export default function refreshTokenMiddleware({dispatch, getState}) {
return {
before(data) {
Do not rely on isGuest in auth middleware. Instead use token availability
2016-08-11 00:59:16 +05:30
const {refreshToken, token} = getState().user;
#186: Decouple user middlewares from user actions
2016-08-08 00:47:58 +05:30
const isRefreshTokenRequest = data.url.includes('refresh-token');
Do not rely on isGuest in auth middleware. Instead use token availability
2016-08-11 00:59:16 +05:30
if (!token || isRefreshTokenRequest) {
#186: Decouple user middlewares from user actions
2016-08-08 00:47:58 +05:30
return data;
}
Do not rely on isGuest in auth middleware. Instead use token availability
2016-08-11 00:59:16 +05:30
try {
const SAFETY_FACTOR = 60; // ask new token earlier to overcome time dissynchronization problem
const jwt = getJWTPayload(token);
#186: Decouple user middlewares from user actions
2016-08-08 00:47:58 +05:30
Do not rely on isGuest in auth middleware. Instead use token availability
2016-08-11 00:59:16 +05:30
if (jwt.exp - SAFETY_FACTOR < Date.now() / 1000) {
return requestAccessToken(refreshToken, dispatch).then(() => data);
}
} catch (err) {
dispatch(logout());
#186: Decouple user middlewares from user actions
2016-08-08 00:47:58 +05:30
}
return data;
},
catch(resp, restart) {
/*
{
"name": "Unauthorized",
"message": "You are requesting with an invalid credential.",
"code": 0,
"status": 401,
"type": "yii\\web\\UnauthorizedHttpException"
}
{
"name": "Unauthorized",
"message": "Token expired",
"code": 0,
"status": 401,
"type": "yii\\web\\UnauthorizedHttpException"
}
*/
if (resp && resp.status === 401) {
const {refreshToken} = getState().user;
if (resp.message === 'Token expired' && refreshToken) {
// request token and retry
return requestAccessToken(refreshToken, dispatch).then(restart);
}
dispatch(logout());
}
return Promise.reject(resp);
}
};
}
function requestAccessToken(refreshToken, dispatch) {
let promise;
if (refreshToken) {
Add tests for auth middlewares
2016-08-10 00:47:49 +05:30
promise = authentication.requestToken(refreshToken);
#186: Decouple user middlewares from user actions
2016-08-08 00:47:58 +05:30
} else {
promise = Promise.reject();
}
return promise
Add tests for auth middlewares
2016-08-10 00:47:49 +05:30
.then(({token}) => dispatch(updateUser({
token
#186: Decouple user middlewares from user actions
2016-08-08 00:47:58 +05:30
})))
.catch(() => dispatch(logout()));
}
function getJWTPayload(jwt) {
const parts = (jwt || '').split('.');
if (parts.length !== 3) {
throw new Error('Invalid jwt token');
}
try {
return JSON.parse(atob(parts[1]));
} catch (err) {
throw new Error('Can not decode jwt token');
}
}
Reference in New Issue Copy Permalink