alexaegis / auth Goto Github PK

View Code? Open in Web Editor NEW

17.0 17.0 1.0 17.07 MB

Angular JWT Authentication Tools

Home Page: https://alexaegis.github.io/auth/

License: MIT License

TypeScript 96.44% JavaScript 1.69% HTML 1.48% CSS 0.14% SCSS 0.24%

angular authentication interceptor jwt refresh

auth's Introduction

Hey hey people

auth's People

Contributors

Stargazers

Watchers

Forkers

fossabot hope-ag

auth's Issues

[feature] explore automatic secure http cookie for refresh tokens

The user already decides on how to store them so its up to to them, explore if this can be done automatically, reducing configuration

[feature] Use the autorefresh mechanic on the routerguard

Extract and expose the core autorefresh mechanic

Dependabot couldn't find the branch staging

Dependabot was set up to create pull requests against the branch staging, but couldn't find it.

If the branch has been permanently deleted you can update Dependabot's target branch from your dashboard.

View the update logs.

[feature] automatically publish to github packages along with the npm central

Aside from the default, publish here too https://npm.pkg.github.com/

[bug] have the correct readme display for the published libraries

Multiple requests at same time with expired token all trigger a refresh request [bug]

Describe the bug
Multiple requests fired off at the same time with an expired token all trigger a refresh request with the current refresh token.
The first refresh request succeeds which invalidates the refresh token as they are one time use, then all the other refresh requests fail because the refresh token has already been used.

To Reproduce
Have app that makes more than 1 request to JWT protected api at launch with a JWT token and refresh token already stored in app from a previous session.
Server rejects all those requests because of invalid JWT token.
Library then initiates a refresh request for every failed request.
1st refresh request succeeds, all subsequent requests in that batch fail due to refresh token already being used.

Expected behavior
All requests are queued and only a single refresh attempt is made.

[feature] construct a demo page

From the demo page, the demo apps and the typedoc should be available
It should be deployed as a github page, served from the gh-branch
Automate it from an action

[feature] Use isValid from base64 or evaluate the need

dankogai/js-base64@7801627

[bug] demo page should use hash based routing

Or just configure github pages if allowed

[feature] Auth Guard

A login based guard that lets you into routes when the user is logged in

[bug] remove or fix dependabot badge

It was migrated to the github integrated one

[feature] refactor typed providers once TS4 is released

Introduce variadic generics on provider dependencies

Tracking issue: microsoft/TypeScript#38510

[feature] automatically increase example version numbers in the readme

[feature] put relevant badges into the package readme

[feature] Error handling on token failures

When logging in after the access token expires and the refresh failed for some reason (expired) call a callback and/or optionally use the router to navigate to a route

The config option on the refresh config could look like this:

onFailedRefresh: () => router.navigate( ... )

onFailedRefresh: 'path/to/login'

Signature

onFailedRefresh: string | () => void

TBD: Another callback on expired access tokens (Same logic, could be useful when no refresh config found. If the pipeline can do it on ultimate fail then do that and move the config option elsewhere. But that might cause confusion if name like this. In that case it should be called onTokenFailure or something)

[bug] Angular 8 support

ERROR in ../node_modules/@aegis-auth/jwt/lib/component/base-directive.class.d.ts:20:19 - error TS1086: An accessor cannot be declared in an ambient context.

20     protected set teardown(subscription: Subscription);
                     ~~~~~~~~
../node_modules/@aegis-auth/jwt/lib/model/typed-providers.interface.d.ts:21:26 - error TS2430: Interface 'TypedValueSansProvider<T>' incorrectly extends interface 'ValueSansProvider'.
  Property 'useValue' is optional in type 'TypedValueSansProvider<T>' but required in type 'ValueSansProvider'.

21 export declare interface TypedValueSansProvider<T> extends ValueSansProvider {
                            ~~~~~~~~~~~~~~~~~~~~~~
../node_modules/@aegis-auth/jwt/lib/model/typed-providers.interface.d.ts:30:26 - error TS2430: Interface 'TypedClassSansProvider<T>' incorrectly extends interface 'ClassSansProvider'.
  Property 'useClass' is optional in type 'TypedClassSansProvider<T>' but required in type 'ClassSansProvider'.

30 export declare interface TypedClassSansProvider<T> extends ClassSansProvider {
                            ~~~~~~~~~~~~~~~~~~~~~~
../node_modules/@aegis-auth/jwt/lib/model/typed-providers.interface.d.ts:46:26 - error TS2430: Interface 'TypedExistingSansProvider<T>' incorrectly extends interface 'ExistingSansProvider'.
  Property 'useExisting' is optional in type 'TypedExistingSansProvider<T>' but required in type 'ExistingSansProvider'.

46 export declare interface TypedExistingSansProvider<T> extends ExistingSansProvider {
                            ~~~~~~~~~~~~~~~~~~~~~~~~~
../node_modules/@aegis-auth/jwt/lib/model/typed-providers.interface.d.ts:110:26 - error TS2430: Interface 'TypedFactorySansProvider<T, A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, U, V, W, X, Y, Z>' incorrectly extends interface 'FactorySansProvider'.
  Property 'useFactory' is optional in type 'TypedFactorySansProvider<T, A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, U, V, W, X, Y, Z>' but required in type 'FactorySansProvider'.

110 export declare interface TypedFactorySansProvider<
                             ~~~~~~~~~~~~~~~~~~~~~~~~