Auth interceptor can be plugged in to a HttpClient to ensure passing proper authorization data to all requests and automatically refresh the tokens when they expire. You can configure whether authorization is done by body, header or query param, you can define your own refresh mechanism or use some ready-made, commonly used options.
Add the Auth Interceptor package, assuming that you already have @coolio/http
installed:
Declare httpClient
as described in @coolio/http's README.md and then use createAuthInterceptor
, passing all parameters required by options
object. authInterceptor
itself may also make it's own calls (via reauthorize
function), so you may need to create another HttpClient
, which won't interfere with your basic HttpClient
's interceptors. See the Usage section for complete example.
Now each request directed to my-domain.org
has a proper Authorization
header. In case of 401
response, all requests are paused and token refresh happens. When token is fresh, all requests are resumed. The whole process is transparent and doesn't affect calls.
If you're using OAuth2 authentication mechanisms, you can use an interceptor pre-made specifically for that case. See an example below: