ducky/web

Paddy 2015-06-30 Parent:3bdc03963abe Child:9b97c908a706

14:275a83e4c02e Go to Latest

ducky/web/src/helpers/oauth-refresh.js

Persist session data to localStorage. Create a helper library that figures out whether to write to chrome.storage.local or window.localStorage, and unifies their two APIs. Update the Me model to use the getOrFetch method for the profiles collection when retrieving the user's profile. This, unfortunately, makes it an async call (because we may need to fetch data from the server), so we can no longer have it be a derived property, which is a shame. It instead must just be the me.profile() function. Separate out the logic to determine when an access token expires, and turn it into the tokenExpires function. Fill the writeToCache placeholder with the logic to store the current session in either window.localStorage or chrome.storage.local, whichever is the more appropriate, using the helper library. Create the load helper function that will attempt to read session data from localStorage or chrome.storage.local, whichever the library decides is available, and updates the session based on it. Implement the logout function, which just uses the helper library to remove the session data from window.localStorage or chrome.storage.local. We should also be resetting the app.me variable, however. Create a debouncedWriteToCache function that will only write to the cache once every 250 ms, to avoid rushes on the cache. When instantiating our app.me variable, load it in from localStorage or chrome.storage.local if we can. Also, listen for changes to app.me, and persist them to chrome.storage.local or localStorage.

1 import app from 'ampersand-app'
2 import xhr from 'xhr'
3 import qs from 'qs'
4 import Sync from 'ampersand-sync'
5 import config from '../config'
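/**
 * Exchange the stored refresh token for a new access token.
 *
 * POSTs a `refresh_token` grant to `config.urlBase + '/token'`, authenticating
 * the client with HTTP Basic built from `config.clientID` and
 * `config.clientSecret`. When the response is a 200 whose body carries an
 * `access_token`, the body is applied to `app.me`; otherwise
 * `token:refreshError` is triggered on `app`.
 *
 * @param {Object} opts - Options of the request being retried (not read here).
 * @param {Function} callback - Invoked exactly once as `callback(err, resp, body)`.
 */
const getRefresh = (opts, callback) => {
  // NOTE(security): config.clientSecret travels with the client code. Assuming
  // this module ships to a browser or extension (TODO confirm), the value is
  // visible to every user, so the token endpoint should treat this client as
  // public and must not rely on the secret to authenticate it.
  const basicCredentials = btoa(config.clientID + ':' + config.clientSecret)
  const refreshOpts = {
    url: config.urlBase + '/token',
    method: 'POST',
    headers: {
      'Content-Type': 'application/x-www-form-urlencoded',
      'Authorization': 'Basic ' + basicCredentials,
    },
    data: qs.stringify({
      'grant_type': 'refresh_token',
      'refresh_token': app.me.refresh_token
    }),
  }

  xhr(refreshOpts, function(err, resp, body) {
    if (!resp || resp.statusCode !== 200) {
      callback(err, resp, body)
      return
    }

    let tokens = body
    const headers = resp.headers || {}
    // NOTE(review): exact match only; a value such as
    // 'application/json; charset=utf-8' leaves the body unparsed and ends in
    // token:refreshError below. Confirm what the token endpoint sends.
    if (tokens && headers['content-type'] === 'application/json') {
      try {
        tokens = JSON.parse(tokens)
      } catch (parseErr) {
        app.trigger('token:refreshError', tokens)
        callback(parseErr, resp, tokens)
        // Stop here: falling through would report the failure a second time
        // and invoke the callback twice.
        return
      }
    }

    // An empty body is a failed refresh, not a crash.
    if (tokens && tokens.access_token) {
      // NOTE(review): the entire token response is copied onto the session
      // model. The changeset description says app.me is persisted to
      // localStorage / chrome.storage.local, where any script running in the
      // origin can read it; consider setting only the expected token fields.
      app.me.set(tokens)
    } else {
      app.trigger('token:refreshError', tokens)
    }
    callback(err, resp, tokens)
  })
}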
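/**
 * Decide whether a raw XHR response is the "access token rejected" answer
 * that warrants a token refresh.
 *
 * True only for a 401 whose body's first `errors` entry has
 * `header === 'authorization'` and `error === 'access_denied'`.
 *
 * @param {*} err - Transport error from xhr (not inspected).
 * @param {Object} resp - Response object; `statusCode` and `headers` are read.
 * @param {string|Object} body - Raw JSON text or an already-parsed body.
 * @returns {boolean}
 */
const shouldRefreshXHR = (err, resp, body) => {
  if (!resp) {
    return false
  }

  // getRefresh in this file reads the lower-case 'content-type' key while this
  // check used to read only 'Content-Type'; accept either so the two agree.
  const headers = resp.headers || {}
  const contentType = headers['content-type'] || headers['Content-Type']

  let payload = body
  // Parse only raw text: an already-parsed object must not go through
  // JSON.parse, which would throw and hide a genuine auth failure.
  if (typeof payload === 'string' && payload && contentType === 'application/json') {
    try {
      payload = JSON.parse(payload)
    } catch (parseErr) {
      return false
    }
  }

  // A 401 with no body at all is simply "not refreshable", not a TypeError.
  const firstError = payload && payload.errors && payload.errors[0]
  return Boolean(
    resp.statusCode === 401 &&
    firstError &&
    firstError.header === 'authorization' &&
    firstError.error === 'access_denied'
  )
}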
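/**
 * Refresh the access token, then replay the original XHR with the new token.
 *
 * @param {Object} opts - Options of the request that was rejected. Mutated:
 *   `noRefresh` is set and `headers.Authorization` is replaced.
 * @param {Function} callback - Receives the replayed request's result, or the
 *   refresh failure when no new access token could be obtained.
 */
const doRefreshXHR = (opts, callback) => {
  // refreshXHR skips the refresh path when this flag is set, so a replay that
  // is rejected again cannot start another refresh.
  opts.noRefresh = true
  getRefresh(opts, function(err, resp, body) {
    if (!body || !body.access_token) {
      // Without this the caller's callback would never fire after a failed
      // refresh and the request would appear to hang.
      callback(err || new Error('token refresh failed'), resp, body)
      return
    }
    opts.headers = opts.headers || {}
    opts.headers['Authorization'] = 'Bearer ' + body.access_token
    xhr(opts, callback)
  })
}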
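/**
 * Drop-in wrapper around `xhr` that transparently refreshes the access token
 * once when the server rejects it, then replays the request.
 *
 * @param {Object} opts - xhr options; `opts.noRefresh` disables the retry.
 * @param {Function} callback - Standard `(err, resp, body)` xhr callback.
 * @returns {*} Whatever `xhr` returns for the first request.
 */
const refreshXHR = (opts, callback) => {
  // NOTE(review): every rejected request starts its own refresh; if the server
  // rotates refresh tokens, concurrent refreshes may invalidate one another —
  // confirm against the token endpoint's behaviour.
  return xhr(opts, function(err, resp, body) {
    const needsRefresh = !opts.noRefresh && shouldRefreshXHR(err, resp, body)
    if (needsRefresh) {
      doRefreshXHR(opts, callback)
      return
    }
    callback(err, resp, body)
  })
  // The second, unreachable xhr(opts, callback) that followed the return was
  // dead code and has been dropped.
}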
/**
 * Tell whether a Sync error payload is the "access token rejected" answer.
 *
 * @param {Object} resp - Error payload; only `resp.errors[0]` is inspected.
 * @returns {boolean} True when the first error has header 'authorization'
 *   and error 'access_denied'.
 */
const shouldRefreshSync = (resp) => {
  if (!resp || !resp.errors) {
    return false
  }
  const firstError = resp.errors[0]
  if (!firstError) {
    return false
  }
  return firstError.header == 'authorization' && firstError.error == 'access_denied'
}
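/**
 * Refresh the access token, then replay a Sync call.
 *
 * @param {string} action - Sync action being replayed.
 * @param {Object} moc - Model or collection passed through to Sync.
 * @param {Object} opts - Sync options. Mutated: `noRefresh` is set so the
 *   replay is not refreshed a second time.
 */
const doRefreshSync = (action, moc, opts) => {
  opts.noRefresh = true
  getRefresh(opts, function(err, resp, body) {
    if (body && body.access_token) {
      Sync(action, moc, opts)
      return
    }
    // The refresh failed. Report it through the options' error handler so the
    // original caller is not left waiting; with noRefresh set, the wrapper
    // installed by refreshSync forwards this to the caller's own handler.
    if (typeof opts.error === 'function') {
      opts.error(body || resp)
    }
  })
}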
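/**
 * Drop-in wrapper around `Sync` that refreshes the access token once when the
 * server rejects it, then replays the call.
 *
 * @param {string} action - Sync action.
 * @param {Object} moc - Model or collection passed through to Sync.
 * @param {Object} opts - Sync options. Mutated: `opts.error` is wrapped.
 * @returns {*} Whatever `Sync` returns for the first call.
 */
const refreshSync = (action, moc, opts) => {
  const oldError = opts.error
  opts.error = function(resp) {
    // The predicate has to be called with the response. Testing the function
    // reference itself is always truthy, which sent every failure of any kind
    // down the token-refresh path.
    if (opts.noRefresh || !shouldRefreshSync(resp)) {
      if (typeof oldError === 'function') {
        oldError(resp)
      }
      return
    }
    doRefreshSync(action, moc, opts)
  }
  // Returned for parity with refreshXHR, which returns the underlying request.
  return Sync(action, moc, opts)
}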
/**
 * Public surface of this helper: token-refreshing stand-ins for the
 * `ampersand-sync` and `xhr` entry points imported by this file.
 */
const refresh = {
  Sync: refreshSync,
  XHR: refreshXHR,
}

export default refresh