Skip to content

improve: add automatic token refresh functionality

nopeNoshishirequested to merge
nopeNoshishi1/leptos_oidc:improvement/token/refresh-interval into main

Overview

This PR implements automatic token refresh functionality to improve user experience by eliminating unnecessary re-authentication when access tokens expire.

Changes

  • Added refresh token validation check before attempting refresh
  • Implemented automatic token refresh using refresh_token_request when access tokens are expired but refresh tokens are still valid
  • Maintains user session continuity without interrupting user workflow
  • I split it into functions because I got an error with lint.

Behavior

Before: Users were forced to re-authenticate every time their access token expired, even when refresh tokens were still valid.

After: The system automatically attempts to refresh expired access tokens using valid refresh tokens, only requiring re-authentication when refresh tokens are also invalid or refresh fails.

Testing

  • Tested with expired access token and valid refresh token
  • Tested with invalid refresh token scenario
  • Confirmed local storage cleanup on failures
Edited by nopeNoshishi

Merge request reports