Token is not being refreshed

Question

Token is not being refreshed

Finn10111 opened this issue 4 years ago · 4 comments

Hi,

I am using the following versions:

DEBUG: Ember             : 3.18.1
DEBUG: Ember Data        : 3.18.0 
DEBUG: Ember Bootstrap   : 3.1.4 
DEBUG: Ember Simple Auth : 3.0.0

I can login / authenticate and the bearer is included in the headers. After 15 minutes I get an 401 from the API because because the token is expired. Looking at my config/environment.js the token should be refreshed 5 minutes before:

ENV['ember-simple-auth'] = {
    authorizer: 'authorizer:token'
  };
  ENV['ember-simple-auth-token'] = {
    serverTokenEndpoint: '/api/auth/login',
    refreshAccessTokens: true,
    serverTokenRefreshEndpoint: '/api/auth/refresh',
    refreshLeeway: 300, // Refresh the token 5 minutes (300s) before it expires.
    headers: {'Content-Type': 'application/json'},
    tokenPropertyName: 'access_token',
    refreshTokenPropertyName: 'refresh_token',
  };

controller/login.js

import Controller from '@ember/controller';
import { action } from '@ember/object';
import { inject as service } from '@ember/service';
import { tracked } from "@glimmer/tracking";

export default class LoginController extends Controller {
  @tracked errorMessage;
  @service session;

  @action
  async authenticate() {
    let { identification, password } = this;
    try {
      await this.session.authenticate('authenticator:token', {identification, password});
    } catch(error) {
      this.errorMessage = error.error || error;
    }

    if (this.session.isAuthenticated) {
      // What to do with all this success?
    }
  }
}

adapters/application.js

import RESTAdapter from '@ember-data/adapter/rest';
import { computed } from '@ember/object';
import { inject as service } from '@ember/service';
import TokenAdapterMixin from 'ember-simple-auth-token/mixins/token-adapter';

export default class ApplicationAdapter extends RESTAdapter.extend(TokenAdapterMixin, CascadeDeleteMixin) {
  @service session;

  namespace = '/api';

  @computed('session.data.authenticated.access_token')
  get headers() {
    let headers = {};
    if (this.session.isAuthenticated) {
      // OAuth 2
      headers['Authorization'] = `Bearer ${this.session.data.authenticated.access_token}`;
      headers['Content-Type'] = 'application/json';
      headers['Accept'] = 'application/json';
    }

    return headers;
  }
}

I have already successfully used ember-simple-auth-token in the past and I got the refresh working with ease. But now I am stuck an don't know where to look.

Answer 1 · 2020-09-21T14:21:18.000Z

@Finn10111 Do you see a network request being made to the refresh endpoint? Can you provide an example access token?

Answer 2 · 2020-09-23T15:08:19.000Z

@fenichelar Hi, no there is not any network request. This is an exmaple access token:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2MDA4NzM2MjUsIm5iZiI6MTYwMDg3MzYyNSwianRpIjoiMDM1NmIyZWYtZjZlZC00YTUxLTk4NWYtY2JjNzk0OGNlYzAxIiwiZXhwIjoxNjAwODc0NTI1LCJpZGVudGl0eSI6ImZpbm4iLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.hCKqIJ8ERjyQWtxoi0U_zIMzfMSD1kNT6jT_zHKVykw

Answer 3 · 2020-09-23T15:13:03.000Z

@Finn10111 The JWT authenticator supports automatically refreshing tokens, the token authenticator does not. authenticator:token in controller/login.js should be authenticator:jwt.

Answer 4 · 2020-09-29T17:38:50.000Z

@fenichelar Thanks a lot, this did the trick, I missed that.