alma/Neah
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
92e0c0dd3b
Neah/lib/services/token-refresh.ts
alma 92e0c0dd3b courrier msft oauth
2025-05-02 10:02:58 +02:00

65 lines
2.3 KiB
TypeScript
Raw Blame History

import { refreshAccessToken } from './microsoft-oauth';
import { getRedisClient, KEYS } from '@/lib/redis';
/**
* Check if a token is expired or about to expire (within 5 minutes)
*/
export function isTokenExpired(expiryTimestamp: number): boolean {
const fiveMinutesInMs = 5 * 60 * 1000;
return Date.now() + fiveMinutesInMs >= expiryTimestamp;
}
/**
* Refresh an access token if it's expired or about to expire
*/
export async function ensureFreshToken(
userId: string,
email: string
): Promise<{ accessToken: string; success: boolean }> {
try {
// Use Redis to get the tokens (no database lookup needed)
console.log(`Checking if token refresh is needed for ${email}`);
const redis = getRedisClient();
const key = KEYS.CREDENTIALS(userId, email);
const credStr = await redis.get(key);
if (!credStr) {
console.log(`No credentials found in Redis for ${email}`);
return { accessToken: '', success: false };
}
const creds = JSON.parse(credStr);
// If not OAuth or missing refresh token, return failure
if (!creds.useOAuth || !creds.refreshToken) {
console.log(`Account ${email} is not using OAuth or missing refresh token`);
return { accessToken: '', success: false };
}
// If token is still valid, return current token
if (creds.tokenExpiry && creds.accessToken &&
creds.tokenExpiry > Date.now() + 5 * 60 * 1000) {
console.log(`Token for ${email} is still valid, no refresh needed`);
return { accessToken: creds.accessToken, success: true };
}
// Token is expired or about to expire, refresh it
console.log(`Refreshing token for ${email}`);
const tokens = await refreshAccessToken(creds.refreshToken);
// Update Redis cache with new tokens
creds.accessToken = tokens.access_token;
if (tokens.refresh_token) {
creds.refreshToken = tokens.refresh_token;
}
creds.tokenExpiry = Date.now() + (tokens.expires_in * 1000);
await redis.set(key, JSON.stringify(creds), 'EX', 86400); // 24 hours
console.log(`Token for ${email} refreshed and cached in Redis`);
return { accessToken: tokens.access_token, success: true };
} catch (error) {
console.error(`Error refreshing token for ${email}:`, error);
return { accessToken: '', success: false };
}
}
Reference in New Issue View Git Blame Copy Permalink