overlayed icon indicating copy to clipboard operation
overlayed copied to clipboard

Published 20 hours ago verified publisher icon Hacksore

Implement `refresh_token` logic for authentication

Open Hacksore opened this issue 7 months ago • 0 comments

The code here has access to the refresh_token so we should implement refresh logic so you don't have to login again if the token expires.

Looks like the tokens are valid for 7 week (604800 seconds).

https://github.com/overlayeddev/overlayed/blob/4080a45044490ae1f9cfd8aa5886e157d4b51d20/apps/desktop/src/rpc/manager.ts#L278-L281

image

High level impl would be something like this:

  • [ ] add new versioned API route /v2/token/refresh to hit discord API to refresh - (api handler)
  • [ ] if the token age is older than expiry then refresh it via new endpoint
  • [ ] store the tokens in local storage, probably a good idea to separate them by uid (switching users causes issues)
{
  "1203894712038974": { 
     authdata: {
        refreshToken: "...", accessToken: "...", expiresAt: "..." }
     },
     userdata: {
       id: "98723897"
     }
}

Hacksore avatar Jul 20 '24 18:07 Hacksore