Validate token expires (#353)

* Add logout button
* Use constants for property save/load
* Correctly config type checking
* Config biome
* Validate token expire time

biome.json

@@ -7,7 +7,7 @@
     "indentWidth": 2,
     "indentStyle": "space",
     "lineWidth": 120,
-    "ignore": ["ios/**", "android/**", "node_modules/**", "app.json", "eas.json"]
+    "ignore": ["ios/**", "android/**", "node_modules/**", ".expo/**", "app.json", "eas.json"]
   },
   "linter": {
     "enabled": true,

native_gg/App.tsx

@@ -1,5 +1,5 @@
 import { StatusBar } from "expo-status-bar";
-import { StyleSheet, Text, View } from "react-native";
+import { Button, StyleSheet, Text, View } from "react-native";
 import { Image } from "expo-image";
 import { LinearGradient } from "expo-linear-gradient";
 import { useEffect, useReducer } from "react";
@@ -67,6 +67,7 @@ export default function App() {
       <Text style={{ fontSize: 22, marginTop: 15, color: "#150f63" }}>
         Authenticated: <Text style={{ fontWeight: "bold" }}>{state.authenticated ? "True" : "False"}</Text>
       </Text>
+      <Button title="Logout" onPress={() => AuthService.logoutCurrentUser()} />
       <StatusBar style="auto" />
     </View>
   );

native_gg/src/authentication/AuthService.ts

@@ -3,21 +3,11 @@ import { randomUUID } from "expo-crypto";
 import { parse } from "expo-linking";
 import * as WebBrowser from "expo-web-browser";
 import * as v from "valibot";
-import { getAccessToken, getRefreshToken } from "./Utilities.ts";
 import { clientID, redirectURL } from "../constants/env.ts";
+import { Store } from "../constants/storage.ts";
 import { AppAction } from "../state/Actions.ts";
-
-const refreshTokenSchema = v.object({
-  access_token: v.string(),
-  expires_in: v.number(),
-  membership_id: v.string(),
-  refresh_expires_in: v.number(),
-  refresh_token: v.string(),
-  time_stamp: v.optional(v.string([v.isoTimestamp()])),
-  token_type: v.string(),
-});
-
-type RefreshToken = v.Output<typeof refreshTokenSchema>;
+import { RefreshToken, refreshTokenSchema } from "./Types.ts";
+import { getAccessToken, getRefreshToken } from "./Utilities.ts";
 
 class AuthService {
   private static instance: AuthService;
@@ -57,7 +47,7 @@ class AuthService {
   init(): Promise<boolean> {
     return new Promise((resolve, reject) => {
       // Is there a current user?
-      AsyncStorage.getItem("current_user_id")
+      AsyncStorage.getItem(Store.current_user_ID)
         .then((current_user) => {
           if (current_user === null) {
             return reject(false);
@@ -66,7 +56,7 @@ class AuthService {
           console.log("user!", this.currentUserID);
 
           // Then is there an auth token?
-          AsyncStorage.getItem(`${this.currentUserID}_refresh_token`)
+          AsyncStorage.getItem(`${this.currentUserID}${Store._refresh_token}`)
             .then((token) => {
               console.log("token!", token !== null);
 
@@ -76,8 +66,8 @@ class AuthService {
                 this.setAuthToken(validatedToken);
                 return resolve(true);
               } catch (error) {
-                console.error(error);
-                return resolve(false);
+                console.log(error);
+                return reject(false);
               }
             })
             .catch((e) => {
@@ -120,7 +110,7 @@ class AuthService {
     }
   }
 
-  setAuthToken(token: RefreshToken) {
+  setAuthToken(token: RefreshToken | null) {
     this.authToken = token;
     if (this.dispatch) {
       this.dispatch({ type: "setAuthenticated", payload: this.isAuthenticated() });
@@ -161,16 +151,16 @@ class AuthService {
         const validatedToken = v.parse(refreshTokenSchema, initialJSONToken);
         this.setCurrentUser(validatedToken.membership_id);
 
-        AsyncStorage.setItem("current_user_id", validatedToken.membership_id)
+        AsyncStorage.setItem(Store.current_user_ID, validatedToken.membership_id)
           .then(() => console.log("saved new user ID"))
           .catch((e) => {
             console.error("Failed to save user ID", e);
           });
 
         const fullToken = await getAccessToken(validatedToken);
-        console.log("save", `${this.currentUserID}_refresh_token`);
-        AsyncStorage.setItem(`${this.currentUserID}_refresh_token`, JSON.stringify(fullToken))
-          .then(() => console.log("saved token"))
+        console.log("save", `${this.currentUserID}${Store._refresh_token}`);
+        AsyncStorage.setItem(`${this.currentUserID}${Store._refresh_token}`, JSON.stringify(fullToken))
+          .then(() => this.setAuthToken(fullToken))
           .catch((e) => {
             console.error("Failed to save token", e);
           });
@@ -187,13 +177,21 @@ class AuthService {
 
   // This does not delete everything. Logging out should still leave user data behind for when they log back in.
   // The 'logout' might simply be the app not being used for so long it needs re-authentication.
-  async logoutCurrentUser() {
+  static async logoutCurrentUser() {
+    console.log("logoutCurrentUser", AuthService.instance.currentUserID);
     try {
-      await AsyncStorage.removeItem("current_user");
+      await AsyncStorage.removeItem(Store.current_user_ID);
+      await AsyncStorage.removeItem(`${AuthService.instance.currentUserID}${Store._refresh_token}`);
+      AuthService.instance.setAuthToken(null);
+      AuthService.instance.setCurrentUser("");
     } catch (e) {
       throw new Error("Error removing current user from storage");
     }
   }
+
+  cleanup() {
+    this.unsubscribe();
+  }
 }
 
 export default AuthService;

native_gg/src/authentication/Types.ts

@@ -0,0 +1,13 @@
+import * as v from "valibot";
+
+export const refreshTokenSchema = v.object({
+  access_token: v.string(),
+  expires_in: v.number(),
+  membership_id: v.string(),
+  refresh_expires_in: v.number(),
+  refresh_token: v.string(),
+  time_stamp: v.optional(v.string([v.isoTimestamp()])),
+  token_type: v.string(),
+});
+
+export type RefreshToken = v.Output<typeof refreshTokenSchema>;

native_gg/src/authentication/Utilities.ts

@@ -1,18 +1,7 @@
 import * as base64 from "base-64";
 import * as v from "valibot";
 import { apiKey, clientID, clientSecret } from "../constants/env.ts";
-
-const refreshTokenSchema = v.object({
-  access_token: v.string(),
-  expires_in: v.number(),
-  membership_id: v.string(),
-  refresh_expires_in: v.number(),
-  refresh_token: v.string(),
-  time_stamp: v.optional(v.string([v.isoTimestamp()])),
-  token_type: v.string(),
-});
-
-type RefreshToken = v.Output<typeof refreshTokenSchema>;
+import { RefreshToken, refreshTokenSchema } from "./Types.ts";
 
 export function getRefreshToken(bungieCode: string): Promise<JSON> {
   const headers = new Headers();
@@ -86,3 +75,31 @@ export function getAccessToken(token: RefreshToken): Promise<RefreshToken> {
       });
   });
 }
+
+export function hasAccessExpired(token: RefreshToken): boolean {
+  // Access lasts 3600 seconds (1 hour)
+  if (token.time_stamp) {
+    const lifeTime = token.expires_in;
+    const timeNow = new Date();
+    const timeThen = new Date(token.time_stamp);
+    const secondsLeft = lifeTime - (timeNow.getTime() - timeThen.getTime()) / 1000;
+    // Count anything less than 5 mins (345 seconds) as expired
+    return secondsLeft < 345;
+  }
+
+  return true;
+}
+
+export function hasRefreshExpired(token: RefreshToken): boolean {
+  // Refresh lasts 7,776,000 seconds (90 days)
+  if (token.time_stamp) {
+    const lifeTime = token.refresh_expires_in;
+    const timeNow = new Date();
+    const timeThen = new Date(token.time_stamp);
+    const secondsLeft = lifeTime - (timeNow.getTime() - timeThen.getTime()) / 1000;
+    // Count anything less than 5 mins (345 seconds) as expired
+    return secondsLeft < 345;
+  }
+
+  return true;
+}

native_gg/src/constants/storage.ts

@@ -0,0 +1,5 @@
+// I want to export a name space 'storage' that has several constants such as 'current_ID' and 'auth_token' that are used in the native_gg/src/authentication/AuthService.ts file. I will use the 'export' keyword to export the name space 'storage' and then use the 'export' keyword to export the constants 'current_ID' and 'auth_token' from the name space 'storage'.
+export const Store = {
+  current_user_ID: "current_user_ID",
+  _refresh_token: "_refresh_token",
+};

native_gg/tsconfig.json

@@ -4,6 +4,10 @@
     "allowImportingTsExtensions": true,
     "strict": true,
     "noUncheckedIndexedAccess": true,
-    "noErrorTruncation": true,
-  }
+    "noErrorTruncation": true
+  },
+  "include": [
+    "App.tsx",
+    "src"
+  ]
 }