RFC: Remove authToken from authContext #1608
Comments
|
On second thought, for (2) is there ever a need to get a stale token? Maybe just use the |
|
This sounds totally reasonable to me.
We could set it as deprecated for a few releases and point people to the new direction.
I love fresh things as much as the next person, but maybe something like
I would like to propose that you keep the |
|
For firebase auth in particular this seems relevant: #1555 (comment) |
|
Implemented. Tokens must now be retrieved using the function |
Hey, Creating RFC to track discussion.
So I've been looking into solving #1576 and its many duplicates, and am close to a solution (pending testing on various providers etc.) - but as part of this process I have 3 changes that I suggest making:
1. Remove the authToken from useAuth and AuthContext
Breaking change - technically
The main issue is that authTokens expire, and the state isn't refreshed automatically at the moment by redwood. By removing this value, we prevent users from accidentally using a stale token, but instead forcing them to use
getTokenorclient.getToken2. Introduce apollo client middleware, introduce new
getFreshTokeninto authClient shapeTransparent change, non-breaking
I've already done this bit locally, but it's purpose is to always get a fresh token and perform a refresh if required. Now for firebase, we don't need to implement anything new here, but for future proofing we may want to introduce
getFreshTokenfor authClients, incase certain providers have extra logic required to refresh the token before returning.3. Remove fetchConfigProvider
Transparent change, non-breaking
I'm not a 100% sure about this yet, but using the new
AuthMiddlewaremight make the FetchConfigProvider redundant. All of the functionality will be maintained, its just that we'll remove this extra Context layer that may not be required anymoreThe text was updated successfully, but these errors were encountered: