Mode2Test
Complete OAuth2 authentication system with persistent token management.
Structure
Mode2Test/
AuthAndToken/ # Everything related to auth and tokens
package.json
backend/
server.ts # Hono server
token-service.ts # Token storage & refresh
auth-routes.ts # Hono API endpoints
frontend/
index.html # Main app (requires auth)
signin.html # Microsoft OAuth2 login
auth-manager.ts # Frontend auth helpers
README.md # Component documentation
Quick Start
- Install dependencies:
cd Mode2Test/AuthAndToken
bun install
- Set environment variables (in
secrets/.env):
POCKETBASE_URL=https://pocketbase.ccllc.pro
- Run:
bun run backend/server.ts
- Open
http://localhost:3005→ redirects to signin.html if not authenticated
How It Works
Token Lifecycle
- Login: User signs in via Microsoft OAuth2 → PB and Graph tokens acquired → stored in
tokens.json→ background refresh starts - Refresh: Every 5 minutes, both tokens auto-refresh silently
- Access: Frontend/backend call
/api/auth/tokensto get current state - Logout: User clicks logout → tokens cleared
Startup Behavior
- If
tokens.jsonexists with valid PB token: background refresh resumes immediately - If no valid token: frontend redirects to
signin.htmlto require login - Tokens are never deleted until fresh ones are confirmed available
API Endpoints
GET /api/auth/status- Check auth statusGET /api/auth/tokens- Get current tokens (requires auth)POST /api/auth/login- Store tokens after OAuth loginPOST /api/auth/logout- Clear all tokens
Tokens
- PocketBase Token: Required. Refreshes automatically every 5 minutes.
- Graph Token: Optional. Refreshes automatically if available.
Both stay fresh at all times after initial login—no user intervention needed.