[feat] Enhance authentication flow with refresh token support and improved session expiration handling #122
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Updates the logic to check for user expiration status directly instead of relying on a timeout. Removes unnecessary timeout and improves user experience by immediately notifying users when their login has expired. Enhances the toast notification with a streamlined dismissal option.
Implements handling of refresh tokens to enhance user session management. Updates error handling to ensure both access and refresh tokens are validated. Includes a new silent sign-in method to refresh user tokens automatically.
Refactors session expiration handling to provide a toast notification for expired logins. Enhances error logging for authentication issues and ensures silent sign-in attempts are made before dispatching the notification.
Aloento
requested review from
sgmv,
bakhterets,
anton-sidelnikov and
SebastianGode
sgmv
approved these changes
Apr 10, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary of the Pull Request:
This pull request introduces several improvements to the user authentication flow, particularly around session expiration and refresh token support:
Improved Login Expiration Handling
The system now directly checks for user expiration status rather than relying on arbitrary timeouts. This change enables immediate feedback to the user when their session has expired.
Removal of Unnecessary Timeout Logic
Simplifies the session handling logic by eliminating redundant timeout code, leading to cleaner implementation and better user experience.
Enhanced Toast Notifications
Toast messages for expired sessions have been upgraded to include a streamlined dismissal mechanism, improving user interaction.
Refresh Token Support
Introduces a refresh token mechanism to automatically extend user sessions without requiring manual re-authentication. A silent sign-in strategy is implemented to renew tokens seamlessly in the background.
Improved Error Handling & Logging
Enhances logging around authentication errors and ensures silent sign-in attempts are prioritized before user-facing errors are displayed.