Allow handling of non-expired tokens when server returns 401

SpoonX / aurelia-authentication

Authentication plugin for aurelia.

http://aurelia-authentication.spoonx.org

MIT License

90 stars 60 forks source link

Allow handling of non-expired tokens when server returns 401 #367

Closed Lee-Nover closed 6 years ago

Lee-Nover commented 6 years ago

https://github.com/SpoonX/aurelia-authentication/blob/0f80003a1194fcec5aa595af4a05e80035b5499c/src/fetchClientConfig.js#L64

If the server returns a 401, it shouldn't matter if the token is expired or not; the server doesn't allow the token anymore so we should refresh. Should be ok to just remove the check for token expiration in this line, like so:

if (!this.config.httpInterceptor /*|| !this.authService.isTokenExpired()*/) {

RWOverdijk commented 6 years ago

I don't think that has to be true. It could be that we don't have access to the resource and the server utilizes a wrong status code. Regardless, this wouldn't affect your flow and eventually give you what you expect.

Or am I missing something here?

doktordirk commented 6 years ago

option has been added