Merge pull request #159 from accounts-js/feature/client-refresh-token

refresh session check accessToken still valid first in order to not refresh the session each time

Author: pradel

packages/client/__tests__/accounts-client.ts

@@ -340,14 +340,41 @@ describe('Accounts', () => {
       }
     });
 
+    it('should do nothing if tokens are still valid', async () => {
+      Accounts.config({}, mockTransport);
+      const accessToken = jwt.sign({ data: 'oldRefreshToken' }, 'secret', {
+        expiresIn: 10,
+      });
+      const refreshToken = jwt.sign({ data: 'oldRefreshToken' }, 'secret', {
+        expiresIn: '1d',
+      });
+      const oldTokens = {
+        accessToken,
+        refreshToken,
+      };
+      Accounts.instance.storeTokens(oldTokens);
+      // tslint:disable-next-line no-string-literal
+      Accounts.instance['store'].dispatch(setTokens(oldTokens));
+      await Accounts.refreshSession();
+      expect(localStorage.getItem('accounts:accessToken')).toEqual(accessToken);
+      expect(localStorage.getItem('accounts:refreshToken')).toEqual(
+        refreshToken
+      );
+    });
+
     it('requests a new token pair, sets the tokens and the user', async () => {
       Accounts.config({}, mockTransport);
+      const accessToken = jwt.sign({ data: 'oldRefreshToken' }, 'secret', {
+        expiresIn: -10,
+      });
+      const refreshToken = jwt.sign({ data: 'oldRefreshToken' }, 'secret', {
+        expiresIn: '1d',
+      });
       const oldTokens = {
-        accessToken: 'oldAccessToken',
-        refreshToken: jwt.sign({ data: 'oldRefreshToken' }, 'secret', {
-          expiresIn: '1d',
-        }),
+        accessToken,
+        refreshToken,
       };
+      Accounts.instance.storeTokens(oldTokens);
       // tslint:disable-next-line no-string-literal
       Accounts.instance['store'].dispatch(setTokens(oldTokens));
       await Accounts.refreshSession();

packages/client/src/accounts-client.ts

@@ -251,22 +251,25 @@ export class AccountsClient {
     if (accessToken && refreshToken) {
       try {
         this.store.dispatch(loggingIn(true));
-        const decodedRefreshToken = jwtDecode(refreshToken);
         const currentTime = Date.now() / 1000;
-        // Refresh token is expired, user must sign back in
-        if (decodedRefreshToken.exp < currentTime) {
-          this.clearTokens();
-        } else {
+
+        const decodedAccessToken = jwtDecode(accessToken);
+        const decodedRefreshToken = jwtDecode(refreshToken);
+        // See if accessToken is expired
+        if (decodedAccessToken.exp < currentTime) {
           // Request a new token pair
           const refreshedSession: LoginReturnType = await this.transport.refreshTokens(
             accessToken,
             refreshToken
           );
-          this.store.dispatch(loggingIn(false));
 
           await this.storeTokens(refreshedSession.tokens);
           this.store.dispatch(setTokens(refreshedSession.tokens));
+        } else if (decodedRefreshToken.exp < currentTime) {
+          // Refresh token is expired, user must sign back in
+          this.clearTokens();
         }
+        this.store.dispatch(loggingIn(false));
       } catch (err) {
         this.store.dispatch(loggingIn(false));
         this.clearTokens();