Skip to content

CE-3140: Ping refresh user flow

Johanna Szepanski requested to merge CE-3140-ping-refresh-user-flow into develop

After some discussions with Imre this is how the re-auth flow works.

  • User logs in
  • Every third minute a request is sent to get user info.
  • If user is logged in, user token is refreshed on every request to backend, which then will be at least every third minute.
  • If user token expires, protected endpoints and user info endpoint responds with a 401 status code.
  • An interceptor is added to rtk query to catch all 401:s and when that happens, a login process is initiated.

I couldn't make the context api to work nicely with the interceptor so I switched user global state from context api to redux state manager. Since both rtk query and redux is a part of redux-toolkit, it was very easy and no additional dependencies were needed.

Also to make sure that the state manager is loaded before the UI I moved the provider one step out to index and renamed it to a more generic StateProvider.

To test, use BE merge request dependency. Login -> kill internet -> wait for 1 hour 5 min -> turn on internet -> either wait for the user info request or make a request to a protected endpoint (use one migrated to rtk query) -> you should be prompted to login.

Edited by Johanna Szepanski

Merge request reports

Loading