[Fix] DB connection errors with JWT refresh token #150

JonnyTran merged 6 commits into develop from fix/db-connection-and-get-document-errors on Sep 5, 2025

@JonnyTran
Member

This pull request introduces a robust refresh token mechanism for authentication, improves token management on both backend and frontend, and adds reliability enhancements for database operations. The changes ensure users can securely refresh access tokens without repeated logins, and the backend now issues both access and refresh tokens. Additionally, database queries are made more resilient to connection errors.

Authentication and Token Management

  • Added refresh token support to authentication endpoints: backend now issues both access and refresh tokens on login and OAuth2 flows (Token schema, /token and /token/refresh endpoints, token pair generation) [1] [2] [3] [4].
  • Implemented refresh token validation and access token renewal endpoint (/token/refresh), using minimal user info and without requiring database access [1] [2].
  • Updated frontend AuthRepository to store, retrieve, and use refresh tokens for access token renewal and logout, persisting tokens in localStorage.

Database Reliability

  • Introduced a retry_db_operation decorator to automatically retry database operations on connection errors, improving robustness against transient failures.
  • Applied retry logic to user-related queries (user_exists, get_user_by_username, get_user_by_api_key) for increased reliability.

Configuration Improvements

  • Added new PostgreSQL connection pool and timeout settings to Settings, enabling better control of database connection behavior and resilience [1] [2].

Other Minor Changes

  • Removed unused metadata fields (pmid, doi) from document query logic for cleaner code.

…ttings

- Introduced a decorator `retry_db_operation` to handle connection-related errors during database operations with configurable retry parameters.
- Updated `Settings` class to include additional PostgreSQL connection settings: `pool_pre_ping`, `pool_recycle`, `connect_timeout`, and `command_timeout`.
- Refactored user-related database queries in `accounts.py` to utilize the new retry mechanism for improved reliability.
- Enhanced AuthRepository to store and manage refresh tokens, allowing for access token renewal without re-authentication.
- Updated server-side authentication endpoints to generate and validate refresh tokens, improving user session management.
- Introduced new schemas for refresh token requests and responses, ensuring proper data handling.
- Refactored JWT handling to support token pair creation, including both access and refresh tokens.
@JonnyTran JonnyTran requested review from a team as code owners September 4, 2025 23:38
@JonnyTran JonnyTran merged commit c9898ea into develop Sep 5, 2025
2 checks passed
@JonnyTran JonnyTran deleted the fix/db-connection-and-get-document-errors branch September 5, 2025 00:02
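
Added example, not code from this pull request: one way a /token/refresh endpoint can validate a refresh token and issue a new access token from the token's own claims, with no database lookup, as the description above states. The function names, the `type` claim, the lifetimes and the secret are assumptions; HS256 is built from the standard library so the block runs offline.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed value; load from settings in practice
ACCESS_TTL, REFRESH_TTL = 15 * 60, 7 * 24 * 3600  # assumed lifetimes, not from the PR

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return b64e(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def encode(claims):
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{sign(f'{head}.{body}')}"

def decode(token, expected_type, now=None):
    """Check signature, expiry and token type; the header's alg is never trusted."""
    try:
        head, body, sig = token.split(".")
        if not hmac.compare_digest(sig, sign(f"{head}.{body}")):
            raise ValueError("bad signature")
        claims = json.loads(b64d(body))
    except (ValueError, TypeError) as exc:
        raise ValueError(f"invalid token: {exc}") from None
    now = time.time() if now is None else now
    if claims.get("exp", 0) <= now:
        raise ValueError("expired")
    if claims.get("type") != expected_type:
        raise ValueError("wrong token type")
    return claims

def create_token_pair(username, now=None):
    now = int(time.time() if now is None else now)
    base = {"sub": username, "iat": now}
    return {
        "access_token": encode({**base, "type": "access", "exp": now + ACCESS_TTL}),
        "refresh_token": encode({**base, "type": "refresh", "exp": now + REFRESH_TTL}),
    }

def refresh_access_token(refresh_token, now=None):
    # Only a token minted as "refresh" is accepted; an access token is rejected here.
    claims = decode(refresh_token, "refresh", now)
    now = int(time.time() if now is None else now)
    return encode({"sub": claims["sub"], "iat": now, "type": "access", "exp": now + ACCESS_TTL})
```

Because nothing is looked up server-side, a refresh token validated this way stays usable until its `exp`; revoking one earlier needs state such as a denylist or a per-user token version.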