Refactor

Author: chaance

src/client.ts

@@ -0,0 +1,24 @@
+import { type createClient, LoginRequiredError } from "@workos-inc/authkit-js";
+
+export type Client = Pick<
+  Awaited<ReturnType<typeof createClient>>,
+  | "signIn"
+  | "signUp"
+  | "getUser"
+  | "getAccessToken"
+  | "signOut"
+  | "switchToOrganization"
+>;
+
+export type CreateClientOptions = NonNullable<
+  Parameters<typeof createClient>[1]
+>;
+
+export const NOOP_CLIENT: Client = {
+  signIn: async () => {},
+  signUp: async () => {},
+  getUser: () => null,
+  getAccessToken: () => Promise.reject(new LoginRequiredError()),
+  switchToOrganization: () => Promise.resolve(),
+  signOut: async () => {},
+};

src/context.ts

@@ -1,20 +1,15 @@
 "use client";
 
 import * as React from "react";
-import { Client } from "./types";
-import { State, initialState } from "./state";
+import type { Client } from "./client";
+import type { State } from "./state";
 
-export interface ContextValue extends Client, State {
-  accessToken: string | null;
+export interface AuthKitContextValue {
+  client: Client;
+  state: State;
 }
 
-export const Context = React.createContext<ContextValue>({
-  ...initialState,
-  signIn: () => Promise.reject(),
-  signUp: () => Promise.reject(),
-  getUser: () => null,
-  getAccessToken: () => Promise.reject(),
-  signOut: () => Promise.reject(),
-  switchToOrganization: () => Promise.reject(),
-  accessToken: null,
-});
+export const AuthKitContext = React.createContext<AuthKitContextValue | null>(
+  null,
+);
+AuthKitContext.displayName = "AuthKitContext";

src/hook.ts

@@ -1,13 +1,16 @@
 import * as React from "react";
-import { Context } from "./context";
-import { initialState } from "./state";
+import type { State } from "./state";
+import type { Client } from "./client";
+import { AuthKitContext } from "./context";
 
-export function useAuth() {
-  const context = React.useContext(Context);
-
-  if (context === initialState) {
+export function useAuth(): Client & State {
+  const context = React.useContext(AuthKitContext);
+  if (context === null) {
     throw new Error("useAuth must be used within an AuthKitProvider");
   }
 
-  return context;
+  return React.useMemo(
+    () => ({ ...context.client, ...context.state }),
+    [context.client, context.state],
+  );
 }

src/provider.tsx

@@ -7,9 +7,9 @@ import {
   LoginRequiredError,
   OnRefreshResponse,
 } from "@workos-inc/authkit-js";
-import { Context } from "./context";
-import { Client, CreateClientOptions } from "./types";
-import { initialState } from "./state";
+import { AuthKitContext } from "./context";
+import type { Client, CreateClientOptions } from "./client";
+import { INITIAL_STATE, LOADING_STATE, State } from "./state";
 
 interface AuthKitProviderProps extends CreateClientOptions {
   clientId: string;
@@ -31,7 +31,7 @@ export function AuthKitProvider(props: AuthKitProviderProps) {
     refreshBufferInterval,
   } = props;
   const [client, setClient] = React.useState<Client>(NOOP_CLIENT);
-  const [state, setState] = React.useState(initialState);
+  const [state, setState] = React.useState<State>(INITIAL_STATE);
 
   const handleRefresh = React.useCallback(
     (response: OnRefreshResponse) => {
@@ -49,15 +49,17 @@ export function AuthKitProvider(props: AuthKitProviderProps) {
       } = getClaims(accessToken);
       setState((prev) => {
         const next = {
-          ...prev,
+          status: "authenticated-refreshed",
+          isLoading: false,
           user,
           organizationId,
           role,
           roles,
           permissions,
           featureFlags,
           impersonator,
-        };
+          accessToken,
+        } satisfies State;
         return isEquivalentWorkOSSession(prev, next) ? prev : next;
       });
       onRefresh?.(response);
@@ -66,8 +68,9 @@ export function AuthKitProvider(props: AuthKitProviderProps) {
   );
 
   React.useEffect(() => {
+    let isCurrentRun = true;
     function initialize() {
-      const timeoutId = setTimeout(() => {
+      const timeoutId = window.setTimeout(() => {
         createClient(clientId, {
           apiHostname,
           port,
@@ -78,7 +81,11 @@ export function AuthKitProvider(props: AuthKitProviderProps) {
           onRefresh: handleRefresh,
           onRefreshFailure,
           refreshBufferInterval,
-        }).then(async (client) => {
+        }).then((client) => {
+          if (!isCurrentRun) {
+            return;
+          }
+
           const user = client.getUser();
           setClient({
             getAccessToken: client.getAccessToken.bind(client),
@@ -88,54 +95,48 @@ export function AuthKitProvider(props: AuthKitProviderProps) {
             signOut: client.signOut.bind(client),
             switchToOrganization: client.switchToOrganization.bind(client),
           });
-          setState((prev) => ({ ...prev, isLoading: false, user }));
+          setState((prev) =>
+            user
+              ? {
+                  ...prev,
+                  status: "authenticated",
+                  isLoading: false,
+                  user,
+                }
+              : {
+                  ...prev,
+                  status: "unauthenticated",
+                  isLoading: false,
+                  user: null,
+                  accessToken: null,
+                },
+          );
         });
       });
 
       return () => {
-        clearTimeout(timeoutId);
+        isCurrentRun = false;
+        window.clearTimeout(timeoutId);
       };
     }
 
     setClient(NOOP_CLIENT);
-    setState(initialState);
+    setState(LOADING_STATE);
 
     return initialize();
   }, [clientId, apiHostname, https, port, redirectUri, refreshBufferInterval]);
 
-  const [accessToken, setAccessToken] = React.useState<string | null>(null);
-  React.useEffect(() => {
-    const handleAccessTokenChange = (
-      event: CustomEvent<{ accessToken: string }>,
-    ) => {
-      setAccessToken(event.detail.accessToken);
-    };
-
-    // authkit-js emits a "authkit:tokenchange" event when the access token is
-    // refreshed. We want to use this to update the state with the new access
-    // token so that it is available and up-to-date at render-time.
-    window.addEventListener("authkit:tokenchange", handleAccessTokenChange);
-    return () => {
-      window.removeEventListener(
-        "authkit:tokenchange",
-        handleAccessTokenChange,
-      );
-    };
-  }, []);
-
   return (
-    <Context.Provider value={{ ...client, ...state, accessToken }}>
+    <AuthKitContext.Provider value={{ client, state }}>
       {children}
-    </Context.Provider>
+    </AuthKitContext.Provider>
   );
 }
 
 // poor-man's "deep equality" check
-function isEquivalentWorkOSSession(
-  a: typeof initialState,
-  b: typeof initialState,
-) {
+function isEquivalentWorkOSSession(a: State, b: State) {
   return (
+    a.status === b.status &&
     a.user?.updatedAt === b.user?.updatedAt &&
     a.organizationId === b.organizationId &&
     a.role === b.role &&
@@ -145,7 +146,8 @@ function isEquivalentWorkOSSession(
     a.featureFlags.length === b.featureFlags.length &&
     a.featureFlags.every((flag, i) => flag === b.featureFlags[i]) &&
     a.impersonator?.email === b.impersonator?.email &&
-    a.impersonator?.reason === b.impersonator?.reason
+    a.impersonator?.reason === b.impersonator?.reason &&
+    a.accessToken === b.accessToken
   );
 }
 

src/state.ts

@@ -5,18 +5,82 @@ export interface Impersonator {
   reason: string | null;
 }
 
-export interface State {
-  isLoading: boolean;
+type Status =
+  | "initial"
+  | "loading"
+  | "authenticated"
+  | "authenticated-refreshed"
+  | "unauthenticated";
+
+interface SharedState {
+  status: Status;
   user: User | null;
   role: string | null;
   roles: string[] | null;
   organizationId: string | null;
   permissions: string[];
   featureFlags: string[];
   impersonator: Impersonator | null;
+  accessToken: string | null;
+}
+
+interface InitialState extends SharedState {
+  status: "initial";
+  isLoading: true;
+  user: null;
+  role: null;
+  roles: null;
+  organizationId: null;
+  permissions: [];
+  featureFlags: [];
+  impersonator: null;
+  accessToken: null;
+}
+
+interface LoadingState extends SharedState {
+  status: "loading";
+  isLoading: true;
+  user: null;
+  role: null;
+  roles: null;
+  organizationId: null;
+  permissions: [];
+  featureFlags: [];
+  impersonator: null;
+  accessToken: null;
+}
+
+interface AuthenticatedState extends SharedState {
+  status: "authenticated";
+  isLoading: false;
+  user: User;
+  accessToken: string | null;
 }
 
-export const initialState: State = {
+interface AuthenticatedRefreshedState extends SharedState {
+  status: "authenticated-refreshed";
+  isLoading: false;
+  user: User;
+  accessToken: string;
+}
+
+interface UnauthenticatedState extends SharedState {
+  status: "unauthenticated";
+  isLoading: false;
+  user: null;
+  accessToken: null;
+}
+
+// TODO: Add error states
+export type State =
+  | InitialState
+  | LoadingState
+  | AuthenticatedState
+  | AuthenticatedRefreshedState
+  | UnauthenticatedState;
+
+export const INITIAL_STATE: InitialState = {
+  status: "initial",
   isLoading: true,
   user: null,
   role: null,
@@ -25,4 +89,10 @@ export const initialState: State = {
   permissions: [],
   featureFlags: [],
   impersonator: null,
+  accessToken: null,
+};
+
+export const LOADING_STATE: LoadingState = {
+  ...INITIAL_STATE,
+  status: "loading",
 };