diff --git a/frontend/index.html b/frontend/index.html index 3f21b78..d657666 100644 --- a/frontend/index.html +++ b/frontend/index.html @@ -10,6 +10,7 @@ +
@@ -193,48 +194,19 @@ const authed = await ensureAuth(); if (!authed) return; - // Make sure a Graph token is available before proceeding; this may refresh silently - try { - await ensureGraphToken(); - } catch (err) { - console.warn('Graph token missing after refresh; continuing. Preview may prompt for auth.', err?.message || err); - } + // Initialize TokenManager for robust token handling + tokenManager = new TokenManager(pb); + await tokenManager.init(); + console.log('[App] TokenManager initialized'); // --- Utility --- - const fetchNoCache = (url, options={}) => { + + const fetchNoCache = async (url, options={}) => { + const token = await tokenManager.getToken(); const headers = { ...(options.headers||{}), ...authHeaders() }; + if (token) headers['x-graph-token'] = token; return fetch(url + `&_ts=${Date.now()}`, { ...options, headers }); }; - const GRAPH_TOKEN_KEY = 'graphAccessToken'; - const GRAPH_REAUTH_FLAG = 'graphReauthAttempted'; - const extractGraphToken = (metaObj={}) => ( - metaObj.graphAccessToken || - metaObj.graph_token || - metaObj.graphToken || - metaObj.accessToken || - metaObj.access_token || - metaObj.token || - metaObj.rawToken || - metaObj?.authData?.access_token || - '' - ); - const getGraphToken = () => { - // Prefer runtime token already present in PB model/meta, then localStorage - const model = pb?.authStore?.model || {}; - const meta = model?.meta || {}; - const token = ( - model.graphAccessToken || - model.graph_token || - model.graphToken || - meta.graphAccessToken || - meta.graph_token || - meta.graphToken || - localStorage.getItem(GRAPH_TOKEN_KEY) || - '' - ); - console.log('[getGraphToken] Found token:', token ? token.substring(0, 30) + '...' : 'NONE'); - return token; - }; const PB_COLLECTION_URL = "https://pocketbase.ccllc.pro/api/collections/pbc_1407612689/records"; const NOTES_COLLECTION_URL = "https://pocketbase.ccllc.pro/api/collections/notes/records"; const PREFS_COLLECTION_URL = "https://pocketbase.ccllc.pro/api/collections/user_preferences/records"; @@ -282,46 +254,24 @@ if(userEmailEl && currentUserEmail) userEmailEl.textContent = currentUserEmail; - // Ensure Graph token is present; refresh if missing; redirect to signin if still absent - async function refreshGraphToken(){ - try { - const authData = await pb.collection('users').authRefresh(); - const meta = authData?.meta || pb?.authStore?.model?.meta || {}; - const token = extractGraphToken(meta); - if (token) localStorage.setItem(GRAPH_TOKEN_KEY, token); - return token || ''; - } catch(err){ - console.warn('Graph token refresh failed:', err?.message||err); - return ''; - } - } - + // Ensure Graph token is present via TokenManager async function ensureGraphToken(){ - let token = getGraphToken(); - if(token) return token; - // If PB session is valid, try to refresh; if still missing, redirect to reauth once - if (pb?.authStore?.isValid) { - token = await refreshGraphToken(); - if (token) return token; - const attempted = localStorage.getItem(GRAPH_REAUTH_FLAG) === '1'; - if (!attempted) { - localStorage.setItem(GRAPH_REAUTH_FLAG, '1'); - console.warn('Graph token unavailable after refresh; redirecting once to sign-in to obtain a new token.'); - window.location.href = 'signin.html?reauth=1'; - throw new Error('GRAPH_TOKEN missing'); - } - console.warn('Graph token unavailable after refresh; reauth already attempted. Proceeding without token.'); - return ''; - } - // PB session invalid: redirect to signin - window.location.href = 'signin.html'; + const token = await tokenManager.getToken(); + if (token) return token; + + // Only redirect if truly invalid (not just missing) + console.warn('[ensureGraphToken] No token available'); + window.location.href = 'signin.html?reauth=1'; throw new Error('GRAPH_TOKEN missing'); } if (signOutBtn) { - signOutBtn.addEventListener('click', () => { + signOutBtn.addEventListener('click', async () => { + if (tokenManager) { + tokenManager.stopRefreshCycle(); + await tokenManager.clearToken(); + } try { pb?.authStore?.clear?.(); } catch {} - try { localStorage.removeItem(GRAPH_TOKEN_KEY); } catch {} try { localStorage.removeItem('pocketbase_auth'); } catch {} try { sessionStorage.clear(); } catch {} location.reload(); diff --git a/frontend/signin.html b/frontend/signin.html index a0c3792..bc074b3 100644 --- a/frontend/signin.html +++ b/frontend/signin.html @@ -7,6 +7,7 @@ +
@@ -29,21 +30,7 @@