Better handling for token expiration

Add _handleExpiredToken, which only clears your session if it has actually expired. This should allow you to continue to use the Panoptes API, if refresh fails but you still have a few minutes left on your old token.
zooniverse · Mar 5, 2018 · 1a2a80b · 1a2a80b
1 parent 9e2f32b
commit 1a2a80b
Showing 1 changed file with 13 additions and 2 deletions.
diff --git a/lib/oauth.js b/lib/oauth.js
@@ -252,6 +252,18 @@ module.exports = new Model({
       });
   },
 
+  _handleExpiredToken: function() {
+    var tokenDetails = JSON.parse(SESSION_STORAGE.getItem(LOCAL_STORAGE_PREFIX + 'tokenDetails'));
+    var tokenHasExpired = false;
+    if (tokenDetails && tokenDetails.expires_at) {
+      tokenHasExpired = Date.now() > tokenDetails.expires_at;
+    }
+    if (tokenHasExpired) {
+      console.info('Panoptes session has expired');
+      this._deleteBearerToken();
+    }
+  },
+
   _handleNewBearerToken: function(tokenDetails) {
     if (tokenDetails && tokenDetails.access_token) {
       console.log('Got new bearer token', tokenDetails.access_token.slice(-6));
@@ -273,9 +285,8 @@ module.exports = new Model({
         return this._handleNewBearerToken(tokenDetails);
       }.bind(this))
       .catch(function (error) {
-        console.info('Panoptes session has expired');
         console.log(error);
-        this._deleteBearerToken();
+        this._handleExpiredToken();
         return null;
       }.bind(this));
   },