refactor(auth): streamline session handling with authenticatedFetch

This commit is contained in:
Anish Sarkar 2026-06-26 22:05:11 +05:30
parent 4b6bcaeb1b
commit 3ce759f1d6
2 changed files with 56 additions and 51 deletions

View file

@ -1,7 +1,7 @@
"use client"; "use client";
import { useCallback, useEffect, useState } from "react"; import { useCallback, useEffect, useState } from "react";
import { refreshSession } from "@/lib/auth-utils"; import { authenticatedFetch } from "@/lib/auth-fetch";
import { buildBackendUrl } from "@/lib/env-config"; import { buildBackendUrl } from "@/lib/env-config";
type SessionState = type SessionState =
@ -9,22 +9,6 @@ type SessionState =
| { status: "authenticated"; authenticated: true; accessExpiresAt: number | null } | { status: "authenticated"; authenticated: true; accessExpiresAt: number | null }
| { status: "unauthenticated"; authenticated: false; accessExpiresAt: null }; | { status: "unauthenticated"; authenticated: false; accessExpiresAt: null };
async function getSessionHeaders(): Promise<HeadersInit> {
if (typeof window === "undefined" || !window.electronAPI?.getAccessToken) {
return {};
}
const token = await window.electronAPI.getAccessToken();
return token ? { Authorization: `Bearer ${token}` } : {};
}
async function fetchSession(): Promise<Response> {
return fetch(buildBackendUrl("/auth/session"), {
credentials: "include",
headers: await getSessionHeaders(),
});
}
export function useSession() { export function useSession() {
const [state, setState] = useState<SessionState>({ const [state, setState] = useState<SessionState>({
status: "loading", status: "loading",
@ -34,13 +18,9 @@ export function useSession() {
const refresh = useCallback(async () => { const refresh = useCallback(async () => {
try { try {
let response = await fetchSession(); const response = await authenticatedFetch(buildBackendUrl("/auth/session"), {
if (response.status === 401) { skipAuthRedirect: true,
const refreshed = await refreshSession(); });
if (refreshed) {
response = await fetchSession();
}
}
if (!response.ok) { if (!response.ok) {
setState({ setState({
status: "unauthenticated", status: "unauthenticated",

View file

@ -7,6 +7,12 @@ type DesktopAccessTokenOptions = {
forceRefresh?: boolean; forceRefresh?: boolean;
}; };
type AuthenticatedFetchOptions = RequestInit & {
skipAuthRedirect?: boolean;
skipRefresh?: boolean;
forceDesktopTokenRefresh?: boolean;
};
function subscribeToDesktopAuth(): void { function subscribeToDesktopAuth(): void {
if (didSubscribeToDesktopAuth || typeof window === "undefined" || !window.electronAPI) { if (didSubscribeToDesktopAuth || typeof window === "undefined" || !window.electronAPI) {
return; return;
@ -40,42 +46,61 @@ export function getAuthHeaders(additionalHeaders?: Record<string, string>): Reco
}; };
} }
async function fetchWithAuth(
url: string,
options: RequestInit,
{ forceDesktopTokenRefresh = false }: { forceDesktopTokenRefresh?: boolean } = {}
): Promise<Response> {
const headers = new Headers(options.headers);
const token = await getDesktopAccessToken({ forceRefresh: forceDesktopTokenRefresh });
if (token) {
headers.set("Authorization", `Bearer ${token}`);
}
return fetch(url, {
...options,
headers,
credentials: options.credentials ?? "include",
});
}
export async function authenticatedFetch( export async function authenticatedFetch(
url: string, url: string,
options?: RequestInit & { skipAuthRedirect?: boolean; skipRefresh?: boolean } options: AuthenticatedFetchOptions = {}
): Promise<Response> { ): Promise<Response> {
const { skipAuthRedirect = false, skipRefresh = false, ...fetchOptions } = options || {}; const {
const token = await getDesktopAccessToken(); skipAuthRedirect = false,
const headers = { skipRefresh = false,
...(fetchOptions.headers as Record<string, string>), forceDesktopTokenRefresh = false,
...(token ? { Authorization: `Bearer ${token}` } : {}), ...fetchOptions
}; } = options;
const response = await fetch(url, { const response = await fetchWithAuth(url, fetchOptions, {
...fetchOptions, forceDesktopTokenRefresh,
headers,
credentials: "include",
}); });
if (response.status === 401 && !skipAuthRedirect) { if (response.status !== 401) {
if (!skipRefresh) { return response;
const refreshed = await refreshSession(); }
if (refreshed) {
const newToken = await getDesktopAccessToken({ forceRefresh: true });
return fetch(url, {
...fetchOptions,
headers: {
...(fetchOptions.headers as Record<string, string>),
...(newToken ? { Authorization: `Bearer ${newToken}` } : {}),
},
credentials: "include",
});
}
}
let unauthorizedResponse = response;
if (!skipRefresh) {
const refreshed = await refreshSession();
if (refreshed) {
const retryResponse = await fetchWithAuth(url, fetchOptions, {
forceDesktopTokenRefresh: true,
});
if (retryResponse.status !== 401) {
return retryResponse;
}
unauthorizedResponse = retryResponse;
}
}
if (!skipAuthRedirect) {
handleUnauthorized(); handleUnauthorized();
throw new Error("Unauthorized: Redirecting to login page"); throw new Error("Unauthorized: Redirecting to login page");
} }
return response; return unauthorizedResponse;
} }