enables jwt refresh on every api call

9bf9b456 · Embruch, Gerd · 048eb4e5 · 9bf9b456 · 9bf9b456 · 9bf9b456
Commit 9bf9b456 authored 11 months ago by Embruch, Gerd
--- a/src/contexts/Auth/AuthState.jsx
+++ b/src/contexts/Auth/AuthState.jsx
@@ -26,11 +26,22 @@ function AuthState({ children }) {
  // ### LOGIN
  async function login(credentials) {
-    const result = await api.post(
+    let result = {};
+    try {
+      result = await api.post(
        '/users/login',
        credentials,
        { withCredentials: true }
      );
+    } catch (error) {
+      result = await api.post(
+        '/users/adminlogin',
+        credentials,
+        { withCredentials: true }
+      );
+      // try to match output with normal user
+      result.data.record = { ...result.data.admin, isAdmin: true };
+    }
    // set current user to login and merge accessToken into currentUser
    dispatchCurrentUser({ type: USER_ACTIONS.SET, payload: { ...result.data.record } });
    setAccessToken(result.data.token);

--- a/src/pages/User/Login.jsx
+++ b/src/pages/User/Login.jsx
@@ -34,7 +34,7 @@ function Login() {
  // ### PREPARE FORM
  const methods = useForm({
    resolver: zodResolver(schema),
-    mode: 'onBlur',
+    mode: 'onSubmit',
    defaultValues: {
      email: '',
      password: ''
@@ -106,7 +106,7 @@ function Login() {
      <div className="mt-4 flex justify-between">
        <Link to="/reset_password">Reset Password</Link>
-        <Link to="/signup">Create an account</Link>
+        <Link to="/signup">Create account</Link>
      </div>
    </>
  );

--- a/src/pages/User/ResetPassword.jsx
+++ b/src/pages/User/ResetPassword.jsx
@@ -38,7 +38,7 @@ function ResetPasswordForm() {
  // ### PREPARE FORM
  const methods = useForm({
    resolver: zodResolver(schema),
-    mode: 'onBlur',
+    mode: 'onSubmit',
    defaultValues: {
      token: token,
    }

--- a/src/pages/User/Signup.jsx
+++ b/src/pages/User/Signup.jsx
@@ -43,7 +43,7 @@ function Signup() {
  // ### PREPARE FORM
  const methods = useForm({
    resolver: zodResolver(schema),
-    mode: 'onBlur',
+    mode: 'onSubmit',
    defaultValues: {
      name: '',
      username: '',

--- a/src/utils/AxiosConfig.js
+++ b/src/utils/AxiosConfig.js
@@ -29,40 +29,21 @@ api.interceptors.request.use(
 // ### RESPONSE INTERCEPTOR 
 // refreshes accessToken if needed
 api.interceptors.response.use(
-  (res) => {
+  async (res) => {
+    switch (res.config.url) {
+      case '/users/refreshjwt':
+      case '/users/logout':
+      case '/users/login':
        return res;
-  },
+      default:
-  async (err) => {
+        const refresh = await api.get(
-    // console.log('JWT error: ', err);
-    // save original request config
-    const originalConfig = err.config;
-    // if access denied and not a retry already
-    // BUG: Infinit loop because _retry isn't set at runtime
-    // console.log('originalConfig: ',originalConfig);
-    // console.log('originalConfig: ',JSON.stringify(originalConfig));
-    if (originalConfig && err?.response?.status === 403 && originalConfig._retry !== true) {
-      // patch config to remember it's a retry
-      originalConfig._retry = true;
-      console.log('trying to refresh the accessToken and rerun the request');
-      // console.log('retry', err.code, originalConfig._retry);
-      // refresh access token
-      try {
-        const result = await api.get(
          '/users/refreshjwt',
          {},
          { withCredentials: true }
        );
-        // TODO: don't store accessToken in localStorage, keep in memory only
+        localStorage.setItem("accessToken", JSON.stringify(refresh.data.token));
-        localStorage.setItem("accessToken", JSON.stringify(result.data.accessToken));
+        return res;
-        // run retry
-        return api(originalConfig);
-      } catch (error) {
-        return Promise.reject(error);
-      }
    }
-    return Promise.reject(err);
  }
 );