This is initial work to have a better way to deal with refresh tokens (#91)
IMO, the refresh tokens should be implemented using an app middleware that run during SSR or client-side navigation (skipping it during hydration).
I added an example in the playground to move forward and simplify as much as possible the refresh middleware.
This pull request starts simple by adding the ability to forward the cookie back to the main SSR request when calling the clear() method, useful if both access token and refresh tokens are expired.
I also added an example for the refresh middleware.
Later on, I plan to work on a $authFetch (or $api) to make sure the requests done are up to date in term of cookie headers as well as adding listener to automatically refresh the user/session from useUserSession()
pkg-pr-new[bot]
commented
1 week ago
This is initial work to have a better way to deal with refresh tokens (#91)
IMO, the refresh tokens should be implemented using an app middleware that run during SSR or client-side navigation (skipping it during hydration).
I added an example in the playground to move forward and simplify as much as possible the refresh middleware.
This pull request starts simple by adding the ability to forward the cookie back to the main SSR request when calling the
clear()method, useful if both access token and refresh tokens are expired.I also added an example for the refresh middleware.
Later on, I plan to work on a
$authFetch(or $api) to make sure the requests done are up to date in term of cookie headers as well as adding listener to automatically refresh the user/session fromuseUserSession()