refreshToken method

@override
Future<AuthResponse> refreshToken(String refreshToken)
override

Refreshes an access token

`refreshToken`: The refresh token. Returns: a new authentication response.

Implementation

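/// Exchanges a refresh token for a new access token and a new refresh token.
///
/// Looks [refreshToken] up through the token service, checks that the stored
/// record has type `refresh` and has not passed its `expires_at`, loads the
/// owning user, stores a fresh access/refresh pair and then deletes the
/// presented refresh token, so each refresh token is rotated on use.
///
/// Throws [AuthException] when the token is unknown, is not a refresh token,
/// has expired, or its user can no longer be found. An expired token is
/// deleted from the store before the exception is thrown.
@override
Future<AuthResponse> refreshToken(String refreshToken) async {
  final tokenRecord = await _tokenService.findToken(refreshToken);
  if (tokenRecord == null) {
    throw AuthException('Invalid refresh token');
  }

  // Access tokens are stored through the same service with type 'access', so
  // the type check is what rejects an access token presented for refresh.
  final tokenType = tokenRecord['type'] as String?;
  if (tokenType != 'refresh') {
    throw AuthException('Invalid token type for refresh');
  }

  // NOTE(review): a record without 'expires_at' is accepted as non-expiring.
  // Refresh tokens written by this method always carry an expiry, so confirm
  // whether records without one can exist and whether they should be honoured.
  final expiresAt = tokenRecord['expires_at'] as String?;
  if (expiresAt != null) {
    final expiry = DateTime.parse(expiresAt);
    if (DateTime.now().isAfter(expiry)) {
      // Remove the stale record so it cannot be presented again.
      await _tokenService.deleteToken(refreshToken);
      throw AuthException('Refresh token has expired');
    }
  }

  final userId = tokenRecord['tokenable_id'];

  // Resolve the user the token belongs to.
  final provider = await _getProviderConfig();
  final table = provider['table'] as String;
  final primaryKey = provider['primary_key'] as String;

  final userData = await _repository.findUserById(userId, table, primaryKey);
  if (userData == null) {
    throw AuthException('User not found');
  }

  final user = DatabaseAuthenticatable.fromProviderConfig(
    userData,
    provider,
  );

  // One clock reading and one lifetime per token, so the stored 'expires_at'
  // values and the lifetimes reported in the response cannot disagree.
  final issuedAt = DateTime.now();
  final accessLifetime = _tokenExpiry;
  final refreshLifetime = _refreshTokenExpiry ?? const Duration(days: 7);

  final newAccessToken = _tokenGenerator.generateToken(
    prefix: userId.toString(),
  );

  // The access token only gets an expiry when one is configured.
  final accessTokenData = {
    'token': newAccessToken,
    'tokenable_id': userId,
    'guard': _providerKey,
    'type': 'access',
    'created_at': issuedAt.toIso8601String(),
    if (accessLifetime != null)
      'expires_at': issuedAt.add(accessLifetime).toIso8601String(),
  };

  await _tokenService.storeToken(accessTokenData);

  final newRefreshToken = _tokenGenerator.generateToken();

  final refreshTokenData = {
    'token': newRefreshToken,
    'tokenable_id': userId,
    'guard': _providerKey,
    'type': 'refresh',
    'created_at': issuedAt.toIso8601String(),
    'expires_at': issuedAt.add(refreshLifetime).toIso8601String(),
  };

  await _tokenService.storeToken(refreshTokenData);

  // Rotation: the presented refresh token is removed once its replacement is
  // stored.
  // NOTE(review): the lookup at the top and this deletion are separate calls,
  // so two concurrent requests carrying the same refresh token can both pass
  // the checks and each receive a new pair. Consuming the old token
  // atomically would need support from the token service.
  await _tokenService.deleteToken(refreshToken);

  return AuthResponse(
    user: user.toAuthArray(),
    accessToken: newAccessToken,
    refreshToken: newRefreshToken,
    expiresIn: accessLifetime?.inSeconds,
    // Report the lifetime actually stored above rather than a fixed 7 days,
    // which was wrong whenever _refreshTokenExpiry is configured.
    refreshExpiresIn: refreshLifetime.inSeconds,
  );
}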