Files
Job-Info/Mode2Test/AuthAndToken/README.md
T

70 lines
2.0 KiB
Markdown

# Mode2Test
Complete OAuth2 authentication system with persistent token management.
## Structure
```
Mode2Test/
AuthAndToken/ # Everything related to auth and tokens
package.json
backend/
server.ts # Hono server
token-service.ts # Token storage & refresh
auth-routes.ts # Hono API endpoints
frontend/
index.html # Main app (requires auth)
signin.html # Microsoft OAuth2 login
auth-manager.ts # Frontend auth helpers
README.md # Component documentation
```
## Quick Start
1. Install dependencies:
```bash
cd Mode2Test/AuthAndToken
bun install
```
2. Set environment variables (in `secrets/.env`):
```
POCKETBASE_URL=https://pocketbase.ccllc.pro
```
3. Run:
```bash
bun run backend/server.ts
```
4. Open `http://localhost:3005` → redirects to signin.html if not authenticated
## How It Works
### Token Lifecycle
1. **Login**: User signs in via Microsoft OAuth2 → PB and Graph tokens acquired → stored in `tokens.json` → background refresh starts
2. **Refresh**: Every 5 minutes, both tokens auto-refresh silently
3. **Access**: Frontend/backend call `/api/auth/tokens` to get current state
4. **Logout**: User clicks logout → tokens cleared
### Startup Behavior
- If `tokens.json` exists with valid PB token: background refresh resumes immediately
- If no valid token: frontend redirects to `signin.html` to require login
- Tokens are **never deleted** until fresh ones are confirmed available
## API Endpoints
- `GET /api/auth/status` - Check auth status
- `GET /api/auth/tokens` - Get current tokens (requires auth)
- `POST /api/auth/login` - Store tokens after OAuth login
- `POST /api/auth/logout` - Clear all tokens
## Tokens
- **PocketBase Token**: Required. Refreshes automatically every 5 minutes.
- **Graph Token**: Optional. Refreshes automatically if available.
Both stay fresh at all times after initial login—no user intervention needed.