- Notifications
You must be signed in to change notification settings - Fork6
Extremely lightweight and tested universal refresh token scheduler.
License
NotificationsYou must be signed in to change notification settings
noderaider/jwt-autorefresh
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Extremely lightweight and tested universal refresh token scheduler. Ensures access tokens are always refreshed in advance of their expiration automatically and integrates with any third party api / persistence architecture.
npm i -S jwt-autorefresh
importautorefreshfrom'jwt-autorefresh'import{onAuthorize,onDeauthorize}from'./events'/** Function that returns a promise which will resolve to a simple jwt access_token (you handle the persistence mechanism) */constrefresh=()=>{constinit={method:'POST',headers:{'Content-Type':`application/x-www-form-urlencoded`},body:`refresh_token=${localStorage.refresh_token}&grant_type=refresh_token`}returnfetch('/oauth/token',init).then(res=>res.json()).then(({ token_type, access_token, expires_in, refresh_token})=>{localStorage.access_token=access_tokenlocalStorage.refresh_token=refresh_tokenreturnaccess_token})}/** You supply a leadSeconds number or function that generates a number of seconds that the refresh should occur prior to the access token expiring */constleadSeconds=()=>{/** Generate random additional seconds (up to 30 in this case) to append to the lead time to ensure multiple clients dont schedule simultaneous refresh */constjitter=Math.floor(Math.random()*30)/** Schedule autorefresh to occur 60 to 90 seconds prior to token expiration */return60+jitter}letstart=autorefresh({ refresh, leadSeconds})letcancel=()=>{}onAuthorize(access_token=>{cancel()cancel=start(access_token)})onDeauthorize(()=>cancel())
About
Extremely lightweight and tested universal refresh token scheduler.
Topics
Resources
License
Stars
Watchers
Forks
Packages0
No packages published