diff --git a/frontend/index.html b/frontend/index.html
index 3f21b78..d657666 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -10,6 +10,7 @@
+
@@ -193,48 +194,19 @@
const authed = await ensureAuth();
if (!authed) return;
- // Make sure a Graph token is available before proceeding; this may refresh silently
- try {
- await ensureGraphToken();
- } catch (err) {
- console.warn('Graph token missing after refresh; continuing. Preview may prompt for auth.', err?.message || err);
- }
+ // Initialize TokenManager for robust token handling
+ tokenManager = new TokenManager(pb);
+ await tokenManager.init();
+ console.log('[App] TokenManager initialized');
// --- Utility ---
- const fetchNoCache = (url, options={}) => {
+
+ const fetchNoCache = async (url, options={}) => {
+ const token = await tokenManager.getToken();
const headers = { ...(options.headers||{}), ...authHeaders() };
+ if (token) headers['x-graph-token'] = token;
return fetch(url + `&_ts=${Date.now()}`, { ...options, headers });
};
- const GRAPH_TOKEN_KEY = 'graphAccessToken';
- const GRAPH_REAUTH_FLAG = 'graphReauthAttempted';
- const extractGraphToken = (metaObj={}) => (
- metaObj.graphAccessToken ||
- metaObj.graph_token ||
- metaObj.graphToken ||
- metaObj.accessToken ||
- metaObj.access_token ||
- metaObj.token ||
- metaObj.rawToken ||
- metaObj?.authData?.access_token ||
- ''
- );
- const getGraphToken = () => {
- // Prefer runtime token already present in PB model/meta, then localStorage
- const model = pb?.authStore?.model || {};
- const meta = model?.meta || {};
- const token = (
- model.graphAccessToken ||
- model.graph_token ||
- model.graphToken ||
- meta.graphAccessToken ||
- meta.graph_token ||
- meta.graphToken ||
- localStorage.getItem(GRAPH_TOKEN_KEY) ||
- ''
- );
- console.log('[getGraphToken] Found token:', token ? token.substring(0, 30) + '...' : 'NONE');
- return token;
- };
const PB_COLLECTION_URL = "https://pocketbase.ccllc.pro/api/collections/pbc_1407612689/records";
const NOTES_COLLECTION_URL = "https://pocketbase.ccllc.pro/api/collections/notes/records";
const PREFS_COLLECTION_URL = "https://pocketbase.ccllc.pro/api/collections/user_preferences/records";
@@ -282,46 +254,24 @@
if(userEmailEl && currentUserEmail) userEmailEl.textContent = currentUserEmail;
- // Ensure Graph token is present; refresh if missing; redirect to signin if still absent
- async function refreshGraphToken(){
- try {
- const authData = await pb.collection('users').authRefresh();
- const meta = authData?.meta || pb?.authStore?.model?.meta || {};
- const token = extractGraphToken(meta);
- if (token) localStorage.setItem(GRAPH_TOKEN_KEY, token);
- return token || '';
- } catch(err){
- console.warn('Graph token refresh failed:', err?.message||err);
- return '';
- }
- }
-
+ // Ensure Graph token is present via TokenManager
async function ensureGraphToken(){
- let token = getGraphToken();
- if(token) return token;
- // If PB session is valid, try to refresh; if still missing, redirect to reauth once
- if (pb?.authStore?.isValid) {
- token = await refreshGraphToken();
- if (token) return token;
- const attempted = localStorage.getItem(GRAPH_REAUTH_FLAG) === '1';
- if (!attempted) {
- localStorage.setItem(GRAPH_REAUTH_FLAG, '1');
- console.warn('Graph token unavailable after refresh; redirecting once to sign-in to obtain a new token.');
- window.location.href = 'signin.html?reauth=1';
- throw new Error('GRAPH_TOKEN missing');
- }
- console.warn('Graph token unavailable after refresh; reauth already attempted. Proceeding without token.');
- return '';
- }
- // PB session invalid: redirect to signin
- window.location.href = 'signin.html';
+ const token = await tokenManager.getToken();
+ if (token) return token;
+
+ // Only redirect if truly invalid (not just missing)
+ console.warn('[ensureGraphToken] No token available');
+ window.location.href = 'signin.html?reauth=1';
throw new Error('GRAPH_TOKEN missing');
}
if (signOutBtn) {
- signOutBtn.addEventListener('click', () => {
+ signOutBtn.addEventListener('click', async () => {
+ if (tokenManager) {
+ tokenManager.stopRefreshCycle();
+ await tokenManager.clearToken();
+ }
try { pb?.authStore?.clear?.(); } catch {}
- try { localStorage.removeItem(GRAPH_TOKEN_KEY); } catch {}
try { localStorage.removeItem('pocketbase_auth'); } catch {}
try { sessionStorage.clear(); } catch {}
location.reload();
diff --git a/frontend/signin.html b/frontend/signin.html
index a0c3792..bc074b3 100644
--- a/frontend/signin.html
+++ b/frontend/signin.html
@@ -7,6 +7,7 @@
+
@@ -29,21 +30,7 @@