How to deal with refresh token strategy?

johannschopplich / nuxt-api-party

🐬 Securely connect to any API with a server proxy and generated composables

https://nuxt-api-party.byjohann.dev

MIT License

260 stars 10 forks source link

How to deal with refresh token strategy? #81

Closed ManUtopiK closed 2 months ago

ManUtopiK commented 2 months ago

Describe the feature

Thanks for your nuxt-module!

I wonder if it possible to query an api that use refresh token strategy and OAuth2. Let's say I need to query first the /oauth2/token endpoint to get the access and refresh token, and only after getting the token, querying another endpoint while holding the access token fresh.

How to deal with this strategy ?

Additional information

[ ] Would you be willing to help implement this feature?
[X] Can you think of other implementations of this feature?

Final checks

[X] Check existing issues.

johannschopplich commented 2 months ago

Hi there!

Of course, this module basically provides secure alternatives to Nuxt's $fetch and useFetch composables. So you can query any API and provide refresh tokens. Here's an example:

const authStore = useAuthStore()
const { isLoggedIn } = storeToRefs(authStore)

if (isLoggedIn.value && authStore.isTokenExpired()) {
  await authStore.refresh()
}

const { data } = await useMyApiData(path, {
  headers: computed(() => ({
    ...(isLoggedIn.value && {
      Authorization: `Bearer ${authStore.accessToken}`,
    }),
  })),
})