Token base auth : best flow to handle refresh token

vwasteels · December 19, 2023, 1:22pm

I achieved this by doing so :

Firstly, add a global workflow that will store accessToken_expiresAt and that take a parameter named expires. In my case I had to do :
return Date.now()+context.parameters['expires']. Run this workflow from the Login workflow.

Secondly, add an other global workflow that will :

check if access_token is expired

let expiresAtMs = variables['c42d108a-ed4f-4195-839c-3ba82c8780f6']
return expiresAtMs < Date.now()

if expired, renew it by calling POST /auth/refresh,
store the new access_token and refresh_token,
call the other global workflow that will update accessToken_expiresAt.

If any of this fails : log out the user and go to log in page, that would mean that the refresh_token has also expired and user needs to log in again.

Now in my local workflow that needs to fetch protected data, I just add the second global workflow as the first operation.

Any better idea ?

Topic		Replies	Views
Xano auth - how to implement refresh token How do I? authentication , xano	0	44	September 18, 2024
Token Based Auth - refresh token How do I? authentication , xano	0	95	April 5, 2024
Token Based Auth Documentation Ask us anything authentication , token	0	273	March 23, 2023
On page refresh the website will be lost the data and automaticlly redirect logout Ask us anything	3	160	November 27, 2023
Assistance Needed for Implementing Google BigQuery API with OAuth2 Refresh Token Ask us anything authentication , token	0	61	May 28, 2024

Token base auth : best flow to handle refresh token

Related Topics