feat: implement auth token synchronization between Electron and web app

- Added IPC channels for getting and setting auth tokens in Electron. - Implemented functions to sync tokens from localStorage to Electron and vice versa. - Updated components to ensure tokens are retrieved from Electron when not available locally. - Enhanced user authentication flow by integrating token management across windows.
2026-04-25 00:36:31 +02:00 · 2026-04-06 23:02:25 -07:00 · 2026-04-06 23:02:25 -07:00 · e920923fa4
commit e920923fa4
parent eb5799336c
8 changed files with 82 additions and 12 deletions
--- a/surfsense_web/lib/auth-utils.ts
+++ b/surfsense_web/lib/auth-utils.ts
@ -87,6 +87,7 @@ export function getBearerToken(): string | null {
 export function setBearerToken(token: string): void {
 	if (typeof window === "undefined") return;
 	localStorage.setItem(BEARER_TOKEN_KEY, token);
+	syncTokensToElectron();
 }

 /**
@ -111,6 +112,7 @@ export function getRefreshToken(): string | null {
 export function setRefreshToken(token: string): void {
 	if (typeof window === "undefined") return;
 	localStorage.setItem(REFRESH_TOKEN_KEY, token);
+	syncTokensToElectron();
 }

 /**
@ -129,6 +131,44 @@ export function clearAllTokens(): void {
 	clearRefreshToken();
 }

+/**
+ * Pushes the current localStorage tokens into the Electron main process
+ * so that other BrowserWindows (Quick Ask, Autocomplete) can access them.
+ */
+function syncTokensToElectron(): void {
+	if (typeof window === "undefined" || !window.electronAPI?.setAuthTokens) return;
+	const bearer = localStorage.getItem(BEARER_TOKEN_KEY) || "";
+	const refresh = localStorage.getItem(REFRESH_TOKEN_KEY) || "";
+	if (bearer) {
+		window.electronAPI.setAuthTokens(bearer, refresh);
+	}
+}
+
+/**
+ * Attempts to pull auth tokens from the Electron main process into localStorage.
+ * Useful for popup windows (Quick Ask, Autocomplete) on platforms where
+ * localStorage is not reliably shared across BrowserWindow instances.
+ * Returns true if tokens were found and written to localStorage.
+ */
+export async function ensureTokensFromElectron(): Promise<boolean> {
+	if (typeof window === "undefined" || !window.electronAPI?.getAuthTokens) return false;
+	if (getBearerToken()) return true;
+
+	try {
+		const tokens = await window.electronAPI.getAuthTokens();
+		if (tokens?.bearer) {
+			localStorage.setItem(BEARER_TOKEN_KEY, tokens.bearer);
+			if (tokens.refresh) {
+				localStorage.setItem(REFRESH_TOKEN_KEY, tokens.refresh);
+			}
+			return true;
+		}
+	} catch {
+		// IPC failure — fall through
+	}
+	return false;
+}
+
 /**
 * Logout the current user by revoking the refresh token and clearing localStorage.
 * Returns true if logout was successful (or tokens were cleared), false otherwise.