Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

define refresh endpoint for local provider #431

Closed
andr-ec opened this issue Jun 8, 2023 · 3 comments
Closed

define refresh endpoint for local provider #431

andr-ec opened this issue Jun 8, 2023 · 3 comments
Assignees

Comments

@andr-ec
Copy link

andr-ec commented Jun 8, 2023

Describe the feature

include a configuration for the refresh endpoint.

endpoints: {
        signIn: { path: "/api/users/login", method: "post" },
        signOut: { path: "/api/users/logout", method: "post" },
        signUp: { path: "/api/users/register", method: "post" },
        getSession: { path: "/api/users/me", method: "get" },
        refresh: { path: "/api/users/refresh", method: "get" },
      },

The refresh path should automatically be called when the token is set to expire or when it will expire.

Additional information

No response

@zoey-kaiser zoey-kaiser self-assigned this Oct 11, 2023
@zoey-kaiser
Copy link
Member

Hi @andr-ec,

The way I understand this would be:

  • A session fetch is executed
  • This fetch fails as the token expired (we cannot call a route the moment the session is set to expire, as we don't have cron jobs etc, running)
  • If a refresh endpoint is defined, a call to this refresh endpoint is made, with what data? (The previous token?)

Is this what you were thinking of? Or did I misunderstand your request?

@TiborPL
Copy link

TiborPL commented Dec 1, 2023

Hi @andr-ec,

The way I understand this would be:

  • A session fetch is executed
  • This fetch fails as the token expired (we cannot call a route the moment the session is set to expire, as we don't have cron jobs etc, running)
  • If a refresh endpoint is defined, a call to this refresh endpoint is made, with what data? (The previous token?)

Is this what you were thinking of? Or did I misunderstand your request?

Maybe check out the old nuxt-auth module's implementation regarding handling refresh token or request in general. They check the tokens expiration and act accordingly, not by the server's 401 response.

@zoey-kaiser
Copy link
Member

Addressed in #581

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants