pallets-eco/flask-social

Connection data does not update if token changes

Opened this issue · 2 comments

Facebook Access Tokens can expire, so we should allow for the connection and login routes to update the connection data even when it already exists. Going to mull this over and work on an implementation. Any input would be greatly appreciated.

Also, it would be handy in this situation to be able to log out a user without the app context, in the case that you experience this error in a background task. Is there an easy way to do this that anyone knows off the top of their head?

This could be tricky. I'm wondering if there is support in the API clients to know if an access token has expired and we can, within Flask-Social, handle that somehow, get a new token, and store the new token in the database.

I'm also not sure how you would "logout a user without an app context". Most database extensions (such as Flask-SQLAlchemy) require an app context to access the database. If you have a background/async task, it should be run within an app context.

For instance, here's an example of how to make Celery create an app context before running each task.

With the Facebook API, you receive an error on any request you make. Repeating the login flow should update it; however, the way Flask-Social is written, we don't override the connection object when we do a login. We could add an attribute to the connection like "needs_refresh", check for that on the login, and change the flow if it's True. (And you could set the attribute to True any time you run into the error by using the old token.)

Thanks for the example for the context. I usually just import the db object from my __init__.py file, which must carry along a context with it. This will be useful.
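The "needs_refresh" idea discussed in this thread, sketched as an added example; it is not Flask-Social's code. The table layout, function names and token values are hypothetical, and an in-memory sqlite3 table stands in for the connection datastore.

```python
import sqlite3

def make_store():
    """Hypothetical connection table; one row per (provider, provider account)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE connection ("
        " user_id INTEGER NOT NULL, provider_id TEXT NOT NULL,"
        " provider_user_id TEXT NOT NULL, access_token TEXT NOT NULL,"
        " needs_refresh INTEGER NOT NULL DEFAULT 0,"
        " UNIQUE (provider_id, provider_user_id))")
    return db

def get_connection(db, provider_id, provider_user_id):
    """Return (access_token, needs_refresh) or None if no connection exists."""
    return db.execute(
        "SELECT access_token, needs_refresh FROM connection"
        " WHERE provider_id = ? AND provider_user_id = ?",
        (provider_id, provider_user_id)).fetchone()

def mark_needs_refresh(db, provider_id, provider_user_id):
    """Call when the provider rejects the stored token, e.g. in a background task."""
    db.execute(
        "UPDATE connection SET needs_refresh = 1"
        " WHERE provider_id = ? AND provider_user_id = ?",
        (provider_id, provider_user_id))
    db.commit()

def handle_login(db, user_id, provider_id, provider_user_id, token):
    """Login callback: create the connection, or replace a stale token in place."""
    row = get_connection(db, provider_id, provider_user_id)
    if row is None:
        db.execute(
            "INSERT INTO connection (user_id, provider_id, provider_user_id,"
            " access_token) VALUES (?, ?, ?, ?)",
            (user_id, provider_id, provider_user_id, token))
        db.commit()
        return "created"
    stored_token, needs_refresh = row
    if needs_refresh or stored_token != token:
        # Overwrite rather than keep the old value, so an expired token
        # is never left behind, and clear the flag in the same statement.
        db.execute(
            "UPDATE connection SET access_token = ?, needs_refresh = 0"
            " WHERE provider_id = ? AND provider_user_id = ?",
            (token, provider_id, provider_user_id))
        db.commit()
        return "refreshed"
    return "unchanged"
```
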