Feature: local strategy refresh

lib/core/auth.js

@@ -157,6 +157,7 @@ export default class Auth {
       this.setUser(false)
       this.setToken(this.$state.strategy, false)
       this.setRefreshToken(this.$state.strategy, false)
+      this.setExpiration(this.$state.strategy, false)
       return Promise.resolve()
     }
 
@@ -188,6 +189,28 @@ export default class Auth {
     return this.$storage.syncUniversal(_key)
   }
 
+  // ---------------------------------------------------------------
+  // Token Expiration helpers
+  // ---------------------------------------------------------------
+
+  getExpiration (strategy) {
+    const _key = this.options.token_expiration.prefix + strategy
+
+    return this.$storage.getUniversal(_key)
+  }
+
+  setExpiration (strategy, token) {
+    const _key = this.options.token_expiration.prefix + strategy
+
+    return this.$storage.setUniversal(_key, token)
+  }
+
+  syncExpiration (strategy) {
+    const _key = this.options.token_expiration.prefix + strategy
+
+    return this.$storage.syncUniversal(_key)
+  }
+
   // ---------------------------------------------------------------
   // Refresh token helpers
   // ---------------------------------------------------------------
@@ -251,11 +274,7 @@ export default class Auth {
     return this.ctx.app.$axios
       .request(_endpoint)
       .then(response => {
-        if (_endpoint.propertyName) {
-          return getProp(response.data, _endpoint.propertyName)
-        } else {
-          return response.data
-        }
+        return response.data
       })
       .catch(error => {
         // Call all error handlers

lib/module/defaults.js

@@ -49,6 +49,12 @@ module.exports = {
     prefix: '_token.'
   },
 
+  // -- Token Expiration --
+
+  token_expiration: {
+    prefix: '_token_expires_at.'
+  },
+
   // -- Refresh token --
 
   refresh_token: {

lib/schemes/local.js

@@ -2,6 +2,7 @@ export default class LocalScheme {
   constructor (auth, options) {
     this.$auth = auth
     this.name = options._name
+    this.refreshInterval = undefined
 
     this.options = Object.assign({}, DEFAULTS, options)
   }
@@ -20,10 +21,72 @@ export default class LocalScheme {
     }
   }
 
-  mounted () {
+  _updateTokens (result) {
+    let accessToken = result[this.options.endpoints.login.propertyName]
+
+    //extract refresh token and set expiration
+    if (this.options.refreshToken) {
+      var tokenCreatedAt = result['created_at'] || Date.now
+      var refreshToken = result[this.options.refreshToken]
+      var tokenExpiration = tokenCreatedAt + result['expires_in']
+    }
+
     if (this.options.tokenRequired) {
+      const token = this.options.tokenType ? this.options.tokenType + ' ' + accessToken : accessToken
+
+      // update access token
+      this.$auth.setToken(this.name, token)
+      this._setToken(token)
+
+      // update refresh token and register refresh-logic with axios
+      if ( refreshToken !== undefined) {
+        this.$auth.setRefreshToken(this.name, refreshToken)
+        this.$auth.setExpiration(this.name, tokenExpiration * 1000)
+      }
+    }
+  }
+
+  _tokenRefresh (self) {
+    return this.$auth.ctx.app.$axios.post(
+      this.options.endpoints.login.url,
+      {
+        refresh_token: this.$auth.getRefreshToken(this.name),
+        client_id: this.options.client_id,
+        grant_type: 'refresh_token'
+      }
+    ).then(response => {
+      this._updateTokens(response.data)
+    }).catch(err => {
+      this.logout()
+    })
+  }
+
+  _scheduleTokenRefresh () {
+    let self = this
+    let intervalDuration = (self.$auth.getExpiration(self.name) - Date.now()) * 0.75
+    if (intervalDuration < 1000) {
+      // in case you misconfigured refreshing this will save your auth-server from a self-induced DDoS-Attack
+      intervalDuration = 1000
+    }
+
+    this.refreshInterval = setInterval(function () {
+      console.log("iterate")
+      self._tokenRefresh()
+    }, intervalDuration);
+  }
+
+  mounted () {
+    if (this.options.tokenRequired && this.$auth.loggedIn) {
       const token = this.$auth.syncToken(this.name)
       this._setToken(token)
+
+      if (this.options.refreshToken) {
+        this.$auth.syncRefreshToken(this.name)
+        this._tokenRefresh().then(() => {
+          this.$auth.syncExpiration(this.name)
+          this._scheduleTokenRefresh()
+        })
+      }
     }
 
     return this.$auth.fetchUserOnce()
@@ -42,13 +105,9 @@ export default class LocalScheme {
       this.options.endpoints.login
     )
 
-    if (this.options.tokenRequired) {
-      const token = this.options.tokenType
-        ? this.options.tokenType + ' ' + result
-        : result
-
-      this.$auth.setToken(this.name, token)
-      this._setToken(token)
+    this._updateTokens(result)
+    if (this.options.refreshToken) {
+      this._scheduleTokenRefresh()
     }
 
     return this.fetchUser()
@@ -91,12 +150,14 @@ export default class LocalScheme {
     if (this.options.tokenRequired) {
       this._clearToken()
     }
+    clearInterval(this.refreshInterval)
 
     return this.$auth.reset()
   }
 }
 
 const DEFAULTS = {
+  refreshToken: false,
   tokenRequired: true,
   tokenType: 'Bearer',
   globalToken: true,