Hey, Creating RFC to track discussion.
So I've been looking into solving #1576 and its many duplicates, and am close to a solution (pending testing on various providers etc.) - but as part of this process I have 3 changes that I suggest making:
1. Remove the authToken from useAuth and AuthContext
Breaking change - technically
The main issue is that authTokens expire, and the state isn't refreshed automatically at the moment by redwood. By removing this value, we prevent users from accidentally using a stale token, but instead forcing them to use getToken or client.getToken
2. Introduce apollo client middleware, introduce new getFreshToken into authClient shape
Transparent change, non-breaking
I've already done this bit locally, but it's purpose is to always get a fresh token and perform a refresh if required. Now for firebase, we don't need to implement anything new here, but for future proofing we may want to introduce getFreshToken for authClients, incase certain providers have extra logic required to refresh the token before returning.
3. Remove fetchConfigProvider
Transparent change, non-breaking
I'm not a 100% sure about this yet, but using the new AuthMiddleware might make the FetchConfigProvider redundant. All of the functionality will be maintained, its just that we'll remove this extra Context layer that may not be required anymore
Hey, Creating RFC to track discussion.
So I've been looking into solving #1576 and its many duplicates, and am close to a solution (pending testing on various providers etc.) - but as part of this process I have 3 changes that I suggest making:
1. Remove the authToken from useAuth and AuthContext
Breaking change - technically
The main issue is that authTokens expire, and the state isn't refreshed automatically at the moment by redwood. By removing this value, we prevent users from accidentally using a stale token, but instead forcing them to use
getTokenorclient.getToken2. Introduce apollo client middleware, introduce new
getFreshTokeninto authClient shapeTransparent change, non-breaking
I've already done this bit locally, but it's purpose is to always get a fresh token and perform a refresh if required. Now for firebase, we don't need to implement anything new here, but for future proofing we may want to introduce
getFreshTokenfor authClients, incase certain providers have extra logic required to refresh the token before returning.3. Remove fetchConfigProvider
Transparent change, non-breaking
I'm not a 100% sure about this yet, but using the new
AuthMiddlewaremight make the FetchConfigProvider redundant. All of the functionality will be maintained, its just that we'll remove this extra Context layer that may not be required anymore