in-fin-neat / in-fin-neat-core

Personal Finances tool

Long term credentials #28

Closed diegotsutsumi closed 2 months ago

diegotsutsumi commented 5 months ago

~DO NOT MERGE THIS BEFORE #27~ (already merged)

Current GoCardless client credential logic is always generating new tokens on every access, requiring users to authenticate with their bank every time they need to fetch transactions from banks.

This PR introduces new logic exploring two elements of the GoCardless token API:

  1. Reusing GoCardless API tokens for as long as they are valid. By default, access tokens are valid for 24 hours and refresh tokens are valid for 90 days. The solution here involves persisting the generated tokens in a TokenStore for future re-use of tokens.
  2. Reusing Requisition ids coming from the GoCardless API by persisting them. This is what allows the software to reuse the user's previously authenticated requisitions.

Three important observations:

  1. I'm introducing the concept of users in this functionality, even though we don't have that concept yet, to leave the door open for a multi-user feature coming at some point soon.
  2. At the moment there is no cloud deployment of this application, so I have implemented persistence stores that use local disk. I left the door open for future possible stores in the abstract classes TokenStore and RequisitionStore.
  3. I didn't include encryption yet. I intend to do so before merging it, but feel free to review the current state and provide feedback.
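
The reuse decision described in this PR, as an added Python example that is not code from the PR or the project: `DiskTokenStore`, `StoredTokens` and `next_action` are hypothetical names, and the one-file-per-user JSON layout is an assumption. Tokens are written unencrypted, to files only the owning OS user can read.

```python
import json
import os
from dataclasses import asdict, dataclass
from pathlib import Path

ACCESS_TTL = 24 * 3600        # default access-token lifetime quoted in the PR
REFRESH_TTL = 90 * 24 * 3600  # default refresh-token lifetime quoted in the PR

@dataclass
class StoredTokens:
    access: str
    access_expires_at: float   # epoch seconds
    refresh: str
    refresh_expires_at: float  # epoch seconds

class DiskTokenStore:
    """Hypothetical local-disk store: one JSON file per user, owner-only access."""
    def __init__(self, root):
        self.root = Path(root)
        self.root.mkdir(mode=0o700, parents=True, exist_ok=True)

    def _path(self, user_id):
        if not user_id.isalnum():  # keep a user id from escaping the store directory
            raise ValueError("invalid user id")
        return self.root / f"{user_id}.json"

    def save(self, user_id, tokens):
        path = self._path(user_id)
        # Create with 0600 so the secrets are never world-readable, even briefly.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        with os.fdopen(fd, "w") as f:
            json.dump(asdict(tokens), f)
        os.chmod(path, 0o600)      # tighten a file that already existed

    def load(self, user_id):
        try:
            return StoredTokens(**json.loads(self._path(user_id).read_text()))
        except FileNotFoundError:
            return None

def next_action(tokens, now, skew=60):
    """Return 'reuse', 'refresh' (new access token) or 'new' (full re-authentication)."""
    if tokens is None or now >= tokens.refresh_expires_at - skew:
        return "new"
    if now >= tokens.access_expires_at - skew:
        return "refresh"
    return "reuse"
```
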