Introducing Axios-Auth-Refresh: Simplifying Authorization Refresh
Axios-Auth-Refresh is a library designed to smooth the process of automatically refreshing authorization tokens using Axios interceptors. It efficiently handles situations where an API call fails due to expired authorization, allowing for seamless retrieval of a new token and continuation of the original request without any user involvement.
How It Works
Whenever a request fails due to authorization issues, developers have the option to implement custom logic or call a refresh function to obtain a new token. Axios-Auth-Refresh handles queuing any additional requests that occur during this refresh process and ensures they are properly executed once a new token is available.
Installation
This library can be easily added to a project using either npm or yarn:
npm install axios-auth-refresh --save
# or
yarn add axios-auth-refresh
Usage and Setup
To utilize Axios-Auth-Refresh, import the core function into your project and integrate it with your axios instance and a custom function for token refreshing. This setup allows the interceptor to automatically handle failed authorization responses (typically HTTP 401 status code) and retry the request with a new token once obtained.
import axios from 'axios';
import createAuthRefreshInterceptor from 'axios-auth-refresh';
// Define the logic to refresh the authorization token
const refreshAuthLogic = (failedRequest) =>
axios.post('https://www.example.com/auth/token/refresh').then(tokenRefreshResponse => {
localStorage.setItem('token', tokenRefreshResponse.data.token);
failedRequest.response.config.headers['Authorization'] = 'Bearer ' + tokenRefreshResponse.data.token;
return Promise.resolve();
});
// Install the interceptor
createAuthRefreshInterceptor(axios, refreshAuthLogic);
// Use axios for API calls, relying on the interceptor for automatic token refresh
axios.get('https://www.example.com/restricted/area')
.then(/* handle success */)
.catch(/* handle error */);
Configurable Options
The library provides several options to tailor its behavior:
-
Status Codes To Intercept: Specify which HTTP status codes should trigger the interceptor. By default, it listens for 401 errors.
-
Retry and Refresh Logic: Customize when and how the interceptor logic is activated, allowing conditions such as business error codes to determine refresh logic execution.
-
Pause and Resume: Control whether to pause the axios instance while refreshing is underway, preventing request loops if the refresh fails.
-
Network Error Interception: An option to handle network errors, useful for APIs without proper CORS support that might obscure status codes.
Common Use Cases
Axios-Auth-Refresh is versatile, used for automatic request throttling and OTP challenges, among other applications. Users are encouraged to share additional use cases with the community.
Updates and Contribution
The library is regularly updated to support new Axios versions and user-requested features. Contributions and community involvement are welcome through the project's contribution guide or via Patreon support.
This project is graciously aided by JetBrains, providing an IDE for development.
Whether you’re faced with the routine expiration of tokens or need flexible request management, Axios-Auth-Refresh offers a robust solution to simplify token handling and request management in JavaScript applications.