From 1a2a80b0d02719905eed48c56784186d040524b7 Mon Sep 17 00:00:00 2001
From: Jim O'Donnell <jim@zooniverse.org>
Date: Mon, 5 Mar 2018 16:18:15 +0000
Subject: [PATCH] Better handling for token expiration Add _handleExpiredToken,
 which only clears your session if it has actually expired. This should allow
 you to continue to use the Panoptes API, if refresh fails but you still have
 a few minutes left on your old token.

---
 lib/oauth.js | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/lib/oauth.js b/lib/oauth.js
index 840cedd..2063273 100644
--- a/lib/oauth.js
+++ b/lib/oauth.js
@@ -252,6 +252,18 @@ module.exports = new Model({
       });
   },
 
+  _handleExpiredToken: function() {
+    var tokenDetails = JSON.parse(SESSION_STORAGE.getItem(LOCAL_STORAGE_PREFIX + 'tokenDetails'));
+    var tokenHasExpired = false;
+    if (tokenDetails && tokenDetails.expires_at) {
+      tokenHasExpired = Date.now() > tokenDetails.expires_at;
+    }
+    if (tokenHasExpired) {
+      console.info('Panoptes session has expired');
+      this._deleteBearerToken();
+    }
+  },
+
   _handleNewBearerToken: function(tokenDetails) {
     if (tokenDetails && tokenDetails.access_token) {
       console.log('Got new bearer token', tokenDetails.access_token.slice(-6));
@@ -273,9 +285,8 @@ module.exports = new Model({
         return this._handleNewBearerToken(tokenDetails);
       }.bind(this))
       .catch(function (error) {
-        console.info('Panoptes session has expired');
         console.log(error);
-        this._deleteBearerToken();
+        this._handleExpiredToken();
         return null;
       }.bind(this));
   },