codihuston / gairos

A time-keeper and scheduler for tasks
9 stars 2 forks source link

Implement logout #46

Open codihuston opened 4 years ago

codihuston commented 4 years ago

This should clean up the user from the apollo client cache. Currently, if a dev were to sync to the database, and was already logged in via the client, the entire workflow is screwed (cannot read property id of undefined) and "no api token is set"

codihuston commented 4 years ago

If a query is executed but an authentication error is thrown from the server, need to log the user out and back in..

codihuston commented 4 years ago

Complete as of 70477072345fd0618c9a543c571e5ee2228cfcf9. I am concerned because if the user session has expired (24 hours default) or the google access token has expired, google functions stop working.

Looks like if you click logout, sometimes it takes two clicks to fully log out.

codihuston commented 4 years ago

Ideally, so long as the express session does not end, should be able to identify user and get their refresh token from database. Know that the refresh token never expires, but is only set if the end-user auths through google using the consent screen (which should always occur on user's first login).

Again, the session should die at 24hrs. So may need to have a mechanism to control logout, or to prolong session connection when idle...

codihuston commented 4 years ago

I probably should've gone with the JWT from the start