mirror of
https://github.com/MODSetter/SurfSense.git
synced 2026-07-04 22:02:16 +02:00
refactor(auth): streamline session handling with authenticatedFetch
This commit is contained in:
parent
4b6bcaeb1b
commit
3ce759f1d6
2 changed files with 56 additions and 51 deletions
|
|
@ -1,7 +1,7 @@
|
||||||
"use client";
|
"use client";
|
||||||
|
|
||||||
import { useCallback, useEffect, useState } from "react";
|
import { useCallback, useEffect, useState } from "react";
|
||||||
import { refreshSession } from "@/lib/auth-utils";
|
import { authenticatedFetch } from "@/lib/auth-fetch";
|
||||||
import { buildBackendUrl } from "@/lib/env-config";
|
import { buildBackendUrl } from "@/lib/env-config";
|
||||||
|
|
||||||
type SessionState =
|
type SessionState =
|
||||||
|
|
@ -9,22 +9,6 @@ type SessionState =
|
||||||
| { status: "authenticated"; authenticated: true; accessExpiresAt: number | null }
|
| { status: "authenticated"; authenticated: true; accessExpiresAt: number | null }
|
||||||
| { status: "unauthenticated"; authenticated: false; accessExpiresAt: null };
|
| { status: "unauthenticated"; authenticated: false; accessExpiresAt: null };
|
||||||
|
|
||||||
async function getSessionHeaders(): Promise<HeadersInit> {
|
|
||||||
if (typeof window === "undefined" || !window.electronAPI?.getAccessToken) {
|
|
||||||
return {};
|
|
||||||
}
|
|
||||||
|
|
||||||
const token = await window.electronAPI.getAccessToken();
|
|
||||||
return token ? { Authorization: `Bearer ${token}` } : {};
|
|
||||||
}
|
|
||||||
|
|
||||||
async function fetchSession(): Promise<Response> {
|
|
||||||
return fetch(buildBackendUrl("/auth/session"), {
|
|
||||||
credentials: "include",
|
|
||||||
headers: await getSessionHeaders(),
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
export function useSession() {
|
export function useSession() {
|
||||||
const [state, setState] = useState<SessionState>({
|
const [state, setState] = useState<SessionState>({
|
||||||
status: "loading",
|
status: "loading",
|
||||||
|
|
@ -34,13 +18,9 @@ export function useSession() {
|
||||||
|
|
||||||
const refresh = useCallback(async () => {
|
const refresh = useCallback(async () => {
|
||||||
try {
|
try {
|
||||||
let response = await fetchSession();
|
const response = await authenticatedFetch(buildBackendUrl("/auth/session"), {
|
||||||
if (response.status === 401) {
|
skipAuthRedirect: true,
|
||||||
const refreshed = await refreshSession();
|
});
|
||||||
if (refreshed) {
|
|
||||||
response = await fetchSession();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (!response.ok) {
|
if (!response.ok) {
|
||||||
setState({
|
setState({
|
||||||
status: "unauthenticated",
|
status: "unauthenticated",
|
||||||
|
|
|
||||||
|
|
@ -7,6 +7,12 @@ type DesktopAccessTokenOptions = {
|
||||||
forceRefresh?: boolean;
|
forceRefresh?: boolean;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
type AuthenticatedFetchOptions = RequestInit & {
|
||||||
|
skipAuthRedirect?: boolean;
|
||||||
|
skipRefresh?: boolean;
|
||||||
|
forceDesktopTokenRefresh?: boolean;
|
||||||
|
};
|
||||||
|
|
||||||
function subscribeToDesktopAuth(): void {
|
function subscribeToDesktopAuth(): void {
|
||||||
if (didSubscribeToDesktopAuth || typeof window === "undefined" || !window.electronAPI) {
|
if (didSubscribeToDesktopAuth || typeof window === "undefined" || !window.electronAPI) {
|
||||||
return;
|
return;
|
||||||
|
|
@ -40,42 +46,61 @@ export function getAuthHeaders(additionalHeaders?: Record<string, string>): Reco
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
async function fetchWithAuth(
|
||||||
|
url: string,
|
||||||
|
options: RequestInit,
|
||||||
|
{ forceDesktopTokenRefresh = false }: { forceDesktopTokenRefresh?: boolean } = {}
|
||||||
|
): Promise<Response> {
|
||||||
|
const headers = new Headers(options.headers);
|
||||||
|
const token = await getDesktopAccessToken({ forceRefresh: forceDesktopTokenRefresh });
|
||||||
|
if (token) {
|
||||||
|
headers.set("Authorization", `Bearer ${token}`);
|
||||||
|
}
|
||||||
|
|
||||||
|
return fetch(url, {
|
||||||
|
...options,
|
||||||
|
headers,
|
||||||
|
credentials: options.credentials ?? "include",
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
export async function authenticatedFetch(
|
export async function authenticatedFetch(
|
||||||
url: string,
|
url: string,
|
||||||
options?: RequestInit & { skipAuthRedirect?: boolean; skipRefresh?: boolean }
|
options: AuthenticatedFetchOptions = {}
|
||||||
): Promise<Response> {
|
): Promise<Response> {
|
||||||
const { skipAuthRedirect = false, skipRefresh = false, ...fetchOptions } = options || {};
|
const {
|
||||||
const token = await getDesktopAccessToken();
|
skipAuthRedirect = false,
|
||||||
const headers = {
|
skipRefresh = false,
|
||||||
...(fetchOptions.headers as Record<string, string>),
|
forceDesktopTokenRefresh = false,
|
||||||
...(token ? { Authorization: `Bearer ${token}` } : {}),
|
...fetchOptions
|
||||||
};
|
} = options;
|
||||||
|
|
||||||
const response = await fetch(url, {
|
const response = await fetchWithAuth(url, fetchOptions, {
|
||||||
...fetchOptions,
|
forceDesktopTokenRefresh,
|
||||||
headers,
|
|
||||||
credentials: "include",
|
|
||||||
});
|
});
|
||||||
|
|
||||||
if (response.status === 401 && !skipAuthRedirect) {
|
if (response.status !== 401) {
|
||||||
if (!skipRefresh) {
|
return response;
|
||||||
const refreshed = await refreshSession();
|
}
|
||||||
if (refreshed) {
|
|
||||||
const newToken = await getDesktopAccessToken({ forceRefresh: true });
|
|
||||||
return fetch(url, {
|
|
||||||
...fetchOptions,
|
|
||||||
headers: {
|
|
||||||
...(fetchOptions.headers as Record<string, string>),
|
|
||||||
...(newToken ? { Authorization: `Bearer ${newToken}` } : {}),
|
|
||||||
},
|
|
||||||
credentials: "include",
|
|
||||||
});
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
let unauthorizedResponse = response;
|
||||||
|
if (!skipRefresh) {
|
||||||
|
const refreshed = await refreshSession();
|
||||||
|
if (refreshed) {
|
||||||
|
const retryResponse = await fetchWithAuth(url, fetchOptions, {
|
||||||
|
forceDesktopTokenRefresh: true,
|
||||||
|
});
|
||||||
|
if (retryResponse.status !== 401) {
|
||||||
|
return retryResponse;
|
||||||
|
}
|
||||||
|
unauthorizedResponse = retryResponse;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!skipAuthRedirect) {
|
||||||
handleUnauthorized();
|
handleUnauthorized();
|
||||||
throw new Error("Unauthorized: Redirecting to login page");
|
throw new Error("Unauthorized: Redirecting to login page");
|
||||||
}
|
}
|
||||||
|
|
||||||
return response;
|
return unauthorizedResponse;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue