Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handling oAuth refresh token #121

Open
dominikkurbiel opened this issue Aug 29, 2018 · 1 comment
Open

Handling oAuth refresh token #121

dominikkurbiel opened this issue Aug 29, 2018 · 1 comment

Comments

@dominikkurbiel
Copy link

Hello,

I have oAuth authorization in my app. But I'm confused with the implementation of refresh token service.

At the moment I created instance of axios and apply to logic middleware.
After login I use my AuthService to set headers with authorization token to my axios instance, and set tokens to localStorage.

Then I create axios interceptor to handle 401 error and send request to get new token, after success response I change authorization header and resend original request with new token. It works fine, but it is not connected to redux-logic now. Request is called, and I get the response but not as redux action.

It looks like:

  1. GET_CURRENT_USER_START
    //token expired
  2. GET_CURRENT_USER_ERROR
    // here I want to call GET_CURRENT_USER_START action again after received new token

My interceptor:

let isAlreadyFetchingAccessToken = false;

const httpClient = axios.create({
  baseURL: config.APP_URL,
});

httpClient.interceptors.response.use(function (response) {
  return response
}, function (error) {
  const { config, response: { status } } = error;
  const originalRequest = config;

  if (status === 401) {
    if (!isAlreadyFetchingAccessToken) {
      isAlreadyFetchingAccessToken = true;

      return axios.post(refreshTokenUrl)
      .then((res) => {
        isAlreadyFetchingAccessToken = false;
        AuthService.saveAuth(res.data);
        originalRequest.headers['Authorization'] = 'Bearer ' + res.data.access_token;
        httpClient(originalRequest); // here request is calling but not as redux action
      });
    }
  }
  return Promise.reject(error)
});

export default httpClient;

How to handle oAuth2 refresh token in redux-logic?

Perfect scenario:

  1. User hit button to receive data from api. // GET_USERS_START
  2. Token is expired.
  3. Browser get 401 error (Unauthorized). // GET_USERS_ERROR
  4. Redux-logic automatically handle that, and make request for new token.
  5. New token is received, headers of my axios instance is changed to new autorization token.
  6. GET_USERS_START action is called automatically.
@skbolton
Copy link

It would be good to see your logic that is doing a call with this http client. On the surface things look fine but would need to see the call site.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@skbolton @dominikkurbiel