renolation/retail
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add refresh token

Browse Source
This commit is contained in:
Phuoc Nguyen
2025-10-21 16:30:11 +07:00
parent b94a19dd3f
commit 9c20a44a04
21 changed files with 246 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
lib/features/auth/data/repositories/auth_repository_impl.dart
View File

@@ -35,12 +35,13 @@ class AuthRepositoryImpl implements AuthRepository {
print('🔐 Repository: Got response, token length=${authResponse.accessToken.length}');
// Save token to secure storage only if rememberMe is true
// Save tokens to secure storage only if rememberMe is true
if (rememberMe) {
await secureStorage.saveAccessToken(authResponse.accessToken);
print('🔐 Repository: Token saved to secure storage (persistent)');
await secureStorage.saveRefreshToken(authResponse.refreshToken);
print('🔐 Repository: Access token and refresh token saved to secure storage (persistent)');
} else {
print('🔐 Repository: Token NOT saved (session only - rememberMe is false)');
print('🔐 Repository: Tokens NOT saved (session only - rememberMe is false)');
}
// Set token in Dio client for subsequent requests (always for current session)
@@ -86,8 +87,9 @@ class AuthRepositoryImpl implements AuthRepository {
);
final authResponse = await remoteDataSource.register(registerDto);
// Save token to secure storage
// Save both tokens to secure storage
await secureStorage.saveAccessToken(authResponse.accessToken);
await secureStorage.saveRefreshToken(authResponse.refreshToken);
// Set token in Dio client for subsequent requests
dioClient.setAuthToken(authResponse.accessToken);
@@ -127,24 +129,44 @@ class AuthRepositoryImpl implements AuthRepository {
@override
Future<Either<Failure, AuthResponse>> refreshToken() async {
try {
final authResponse = await remoteDataSource.refreshToken();
print('🔄 Repository: Starting token refresh...');
// Update token in secure storage
// Get refresh token from storage
final storedRefreshToken = await secureStorage.getRefreshToken();
if (storedRefreshToken == null) {
print('❌ Repository: No refresh token found in storage');
return const Left(UnauthorizedFailure('No refresh token available'));
}
print('🔄 Repository: Calling datasource with refresh token...');
final authResponse = await remoteDataSource.refreshToken(storedRefreshToken);
// Update both tokens in secure storage (token rotation)
await secureStorage.saveAccessToken(authResponse.accessToken);
await secureStorage.saveRefreshToken(authResponse.refreshToken);
print('🔄 Repository: New tokens saved to secure storage');
// Update token in Dio client
dioClient.setAuthToken(authResponse.accessToken);
print('🔄 Repository: New access token set in DioClient');
return Right(authResponse);
} on UnauthorizedException catch (e) {
print('❌ Repository: Unauthorized during refresh - ${e.message}');
// Clear invalid tokens
await secureStorage.deleteAllTokens();
return Left(UnauthorizedFailure(e.message));
} on TokenExpiredException catch (e) {
print('❌ Repository: Token expired during refresh - ${e.message}');
// Clear expired tokens
await secureStorage.deleteAllTokens();
return Left(TokenExpiredFailure(e.message));
} on NetworkException catch (e) {
return Left(NetworkFailure(e.message));
} on ServerException catch (e) {
return Left(ServerFailure(e.message));
} catch (e) {
print('❌ Repository: Unexpected error during refresh: $e');
return Left(ServerFailure('Unexpected error: $e'));
}
}