+152 -26

apps/client/src/contexts/TokenProvider.tsx

reviewed

··· 1 1 - import { useApolloClient } from "@apollo/client"; 2 1 import { raise } from "@cv/utils"; 2 2 + import { useQueryClient } from "@tanstack/react-query"; 3 3 import { 4 4 createContext, 5 5 type ReactNode, 6 6 + useCallback, 6 7 useContext, 7 8 useEffect, 9 9 + useRef, 8 10 useState, 9 11 } from "react"; 10 10 - import { AUTH_TOKEN_KEY } from "@/constants/auth"; 11 11 - import { useMeMinimalQuery } from "@/generated/graphql"; 12 12 + import { 13 13 + AUTH_REFRESH_TOKEN_KEY, 14 14 + AUTH_TOKEN_EXPIRY_KEY, 15 15 + AUTH_TOKEN_KEY, 16 16 + } from "@/constants/auth"; 17 17 + import { 18 18 + useMeMinimalQuery, 19 19 + useRefreshTokenMutation, 20 20 + } from "@/generated/graphql"; 21 21 + import { setGraphQLToken } from "@/utils/graphql-fetcher"; 22 22 + 23 23 + interface TokenData { 24 24 + accessToken: string; 25 25 + refreshToken: string; 26 26 + expiresAt: string; // ISO date string 27 27 + } 12 28 13 29 interface TokenContextType { 14 30 token: string | null; 15 15 - setToken: (token: string) => void; 31 31 + setTokens: (data: TokenData) => void; 16 32 clearToken: () => void; 17 33 isAuthenticated: boolean; 18 34 isLoading: boolean; ··· 21 37 const TokenContext = createContext<TokenContextType | null>(null); 22 38 23 39 export function TokenProvider({ children }: { children: ReactNode }) { 24 24 - const [token, setTokenState] = useState<string | null>(null); 40 40 + // Initialize tokens from localStorage on mount 41 41 + const [token, setTokenState] = useState<string | null>(() => 42 42 + localStorage.getItem(AUTH_TOKEN_KEY), 43 43 + ); 44 44 + const [refreshToken, setRefreshTokenState] = useState<string | null>(() => 45 45 + localStorage.getItem(AUTH_REFRESH_TOKEN_KEY), 46 46 + ); 47 47 + const [expiresAt, setExpiresAtState] = useState<string | null>(() => 48 48 + localStorage.getItem(AUTH_TOKEN_EXPIRY_KEY), 49 49 + ); 50 50 + 25 51 const [isAuthenticated, setIsAuthenticated] = useState(false); 26 52 const [isLoading, setIsLoading] = useState(true); 27 27 - const apolloClient = useApolloClient(); 53 53 + const queryClient = useQueryClient(); 54 54 + const refreshTimeoutRef = useRef<NodeJS.Timeout | null>(null); 55 55 + 56 56 + // Refresh token mutation 57 57 + const refreshTokenMutation = useRefreshTokenMutation(); 58 58 + 59 59 + // Sync token to GraphQL fetcher and localStorage whenever it changes 60 60 + const clearToken = useCallback(() => { 61 61 + setTokenState(null); 62 62 + setRefreshTokenState(null); 63 63 + setExpiresAtState(null); 64 64 + setIsAuthenticated(false); 65 65 + queryClient.clear(); 66 66 + 67 67 + if (refreshTimeoutRef.current) { 68 68 + clearTimeout(refreshTimeoutRef.current); 69 69 + refreshTimeoutRef.current = null; 70 70 + } 71 71 + }, [queryClient]); 28 72 29 73 useEffect(() => { 30 30 - const storedToken = localStorage.getItem(AUTH_TOKEN_KEY); 31 31 - setTokenState(storedToken); 32 32 - }, []); 74 74 + // Sync token with GraphQL fetcher 75 75 + setGraphQLToken(token, clearToken); 76 76 + 77 77 + // Sync to localStorage 78 78 + if (token) { 79 79 + localStorage.setItem(AUTH_TOKEN_KEY, token); 80 80 + } else { 81 81 + localStorage.removeItem(AUTH_TOKEN_KEY); 82 82 + } 83 83 + }, [token, clearToken]); 84 84 + 85 85 + useEffect(() => { 86 86 + if (refreshToken) { 87 87 + localStorage.setItem(AUTH_REFRESH_TOKEN_KEY, refreshToken); 88 88 + } else { 89 89 + localStorage.removeItem(AUTH_REFRESH_TOKEN_KEY); 90 90 + } 91 91 + }, [refreshToken]); 92 92 + 93 93 + useEffect(() => { 94 94 + if (expiresAt) { 95 95 + localStorage.setItem(AUTH_TOKEN_EXPIRY_KEY, expiresAt); 96 96 + } else { 97 97 + localStorage.removeItem(AUTH_TOKEN_EXPIRY_KEY); 98 98 + } 99 99 + }, [expiresAt]); 33 100 34 101 const { 35 102 data: meData, 36 36 - loading: meLoading, 103 103 + isLoading: meLoading, 37 104 error: meError, 38 38 - } = useMeMinimalQuery({ skip: !token }); 105 105 + } = useMeMinimalQuery(); 39 106 107 107 + // Function to refresh the access token 108 108 + const refreshAccessToken = useCallback(async () => { 109 109 + if (!refreshToken) { 110 110 + return; 111 111 + } 112 112 + 113 113 + try { 114 114 + const response = await refreshTokenMutation.mutateAsync({ 115 115 + refresh_token: refreshToken, 116 116 + }); 117 117 + 118 118 + // Update tokens with new values 119 119 + setTokenState(response.refreshToken.access_token); 120 120 + setRefreshTokenState(response.refreshToken.refresh_token); 121 121 + setExpiresAtState(response.refreshToken.expires_at); 122 122 + } catch (error) { 123 123 + console.error("Failed to refresh token:", error); 124 124 + // If refresh fails, clear all tokens and log out 125 125 + setTokenState(null); 126 126 + setRefreshTokenState(null); 127 127 + setExpiresAtState(null); 128 128 + setIsAuthenticated(false); 129 129 + queryClient.clear(); 130 130 + } 131 131 + }, [refreshToken, refreshTokenMutation, queryClient]); 132 132 + 133 133 + // Schedule token refresh before expiry 134 134 + useEffect(() => { 135 135 + // Clear any existing timeout 136 136 + if (refreshTimeoutRef.current) { 137 137 + clearTimeout(refreshTimeoutRef.current); 138 138 + refreshTimeoutRef.current = null; 139 139 + } 140 140 + 141 141 + if (!(token && refreshToken && expiresAt)) { 142 142 + return; 143 143 + } 144 144 + 145 145 + // Calculate time until token expires 146 146 + const expiryTime = new Date(expiresAt).getTime(); 147 147 + const now = Date.now(); 148 148 + const timeUntilExpiry = expiryTime - now; 149 149 + 150 150 + // Refresh 1 minute before expiry (or immediately if already expired) 151 151 + const refreshTime = Math.max(0, timeUntilExpiry - 60000); 152 152 + 153 153 + refreshTimeoutRef.current = setTimeout(() => { 154 154 + refreshAccessToken(); 155 155 + }, refreshTime); 156 156 + 157 157 + return () => { 158 158 + if (refreshTimeoutRef.current) { 159 159 + clearTimeout(refreshTimeoutRef.current); 160 160 + } 161 161 + }; 162 162 + }, [token, refreshToken, expiresAt, refreshAccessToken]); 163 163 + 164 164 + // Handle authentication state 40 165 useEffect(() => { 41 166 if (!token) { 42 167 setIsLoading(false); ··· 58 183 if (meError) { 59 184 setIsAuthenticated(false); 60 185 setIsLoading(false); 61 61 - localStorage.removeItem(AUTH_TOKEN_KEY); 62 62 - setTokenState(null); 186 186 + // Try to refresh the token if we have a refresh token 187 187 + if (refreshToken) { 188 188 + refreshAccessToken(); 189 189 + } else { 190 190 + // No refresh token, clear everything 191 191 + setTokenState(null); 192 192 + setRefreshTokenState(null); 193 193 + setExpiresAtState(null); 194 194 + } 63 195 } 64 64 - }, [token, meData, meLoading, meError]); 196 196 + }, [token, meData, meLoading, meError, refreshToken, refreshAccessToken]); 65 197 66 66 - const setToken = (newToken: string) => { 67 67 - localStorage.setItem(AUTH_TOKEN_KEY, newToken); 68 68 - setTokenState(newToken); 198 198 + const setTokens = useCallback((data: TokenData) => { 199 199 + setTokenState(data.accessToken); 200 200 + setRefreshTokenState(data.refreshToken); 201 201 + setExpiresAtState(data.expiresAt); 69 202 setIsLoading(true); 70 70 - }; 71 71 - 72 72 - const clearToken = () => { 73 73 - localStorage.removeItem(AUTH_TOKEN_KEY); 74 74 - setTokenState(null); 75 75 - setIsAuthenticated(false); 76 76 - apolloClient.clearStore(); 77 77 - }; 203 203 + }, []); 78 204 79 205 return ( 80 206 <TokenContext.Provider 81 81 - value={{ token, setToken, clearToken, isAuthenticated, isLoading }} 207 207 + value={{ token, setTokens, clearToken, isAuthenticated, isLoading }} 82 208 > 83 209 {children} 84 210 </TokenContext.Provider>

+7

apps/client/src/features/auth/queries/refresh-token.graphql

reviewed

··· 1 1 + mutation RefreshToken($refresh_token: String!) { 2 2 + refreshToken(refresh_token: $refresh_token) { 3 3 + access_token 4 4 + refresh_token 5 5 + expires_at 6 6 + } 7 7 + }