Determine a way to request a new auth token when app loses authorization

seve / whats-playing

Find and share music with the world

http://whats-playing.techseve.com

GNU General Public License v3.0

1 stars 10 forks source link

Determine a way to request a new auth token when app loses authorization #18

Open seve opened 6 years ago

seve commented 6 years ago

In some cases the app loses authentication and does not pick up a new token unless the dyno is rebooted.

What needs to be done is a rewiring of the api implementation to recognize when a 401 is received from Spotify and then update the auth token in response.

Relevant error code: { [WebapiError: Unauthorized] name: 'WebapiError', message: 'Unauthorized', statusCode: 401 }

fluffynuts commented 6 years ago

Hi, I think I have a possible solution for you, if you're interested?

refresh the user's cookie token on each request
redirect to login via an axios interceptor looking for http status 401

I have the code pretty-much done -- just installing mongodb on my machine to test. Can I pick this up?

seve commented 6 years ago

@fluffynuts By all means go for it. I should clarify that this application is following the client credentials flow, meaning that the token has no connection to the user itself, just the server that the web app is running on.

seve commented 6 years ago

I am going to re open this issue for any one else wishing to tackle the task.