attemptWithGuard method

Future<AuthResponse> attemptWithGuard(
  1. String guardName,
  2. Map<String, dynamic> credentials
)

This method provides secure token refresh functionality with:

  • Automatic refresh token rotation for enhanced security
  • Comprehensive error handling and validation
  • Rate limiting and abuse prevention
  • Detailed logging for security auditing

refreshToken The refresh token to use for generating new tokens Returns a map containing:

  • access_token: New access token
  • refresh_token: New refresh token (rotated for security)
  • token_type: Token type (usually 'Bearer')
  • expires_in: Access token expiration time in seconds
  • refresh_expires_in: Refresh token expiration time in seconds

Throws AuthException in the following cases:

  • Invalid or malformed refresh token
  • Expired refresh token
  • User account disabled or not found
  • Rate limiting triggered
  • Internal authentication service errors

Example usage:

try {
  final tokens = await authManager.refreshAccessToken(refreshToken);
  final newAccessToken = tokens['access_token'];
  final newRefreshToken = tokens['refresh_token'];
  // Store new tokens securely
} catch (e) {
  // Handle refresh failure - redirect to login
}

Attempts authentication with a specific guard

guardName The guard to use for authentication credentials Authentication credentials Returns authentication result

Implementation

Future<AuthResponse> attemptWithGuard(
  String guardName,
  Map<String, dynamic> credentials,
) async {
  final guard = _getOrCreateGuard(guardName);
  return guard.attempt(credentials);
}