Act on token expiration by deleting token and updating directive UI. #59
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
AlexJF
force-pushed
the
directive-update-expired
branch
from
9d1b134 to
cc3b644
Compare
andreareginato
added a commit
that referenced
this pull request
Nov 29, 2014
Act on token expiration by deleting token and updating directive UI.
Collaborator
|
In my flow I use the expired event to show a new page where I ask for a refresh. Anyway, your addition seems to be working together with the flow I've been using. Gonna merge and make some checks. Thanks a lot @AlexJF. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As it is, oauth-ng will continue to assume the saved token works even if it has already expired. Namely, the text in the directive will still ask for a Logout.
Now, I've seen in #17 that there are some plans for adding auto-renewal capaibilities. This sounds really cool. However, in the meanwhile, I suggest we put the directive back into a 'logged-off' status upon token expiration.
I've tested this in my web app and it appears to be working ok. After token expiration it now updates the directive to show 'Sign in' instead of 'Sign off' and we can request a renewal directly by clicking on it once instead of twice (without this, we'd need one click to make the directive logout and another to make it login again).
I'm not sure if we should actively destroy the token or not though. It works well in my workflow but perhaps the old token is needed for some renewal processes?