init method

Future<String?> init()

Initializes this service.

Tries to load user data from the storage and navigates to the Routes.auth page if this operation fails. Otherwise, fetches user data from the server to be up-to-date with it.

Implementation

Future<String?> init() async {
  Log.debug('init()', '$runtimeType');

  _authRepository.authExceptionHandler = (e) async {
    // Try to refresh session, otherwise just force logout.
    if (credentials.value?.refresh.expireAt.isAfter(
          PreciseDateTime.now().toUtc(),
        ) ==
        true) {
      await refreshSession();
    } else {
      _unauthorized();
      router.auth();
      throw e;
    }
  };

  // Listen to the [Credentials] changes to stay synchronized with another
  // tabs.
  _storageSubscription = WebUtils.onStorageChange.listen((e) {
    if (e.key?.startsWith('credentials_') ?? false) {
      Log.debug(
        '_storageSubscription(${e.key}): received a credentials update',
        '$runtimeType',
      );

      if (e.newValue != null) {
        final Credentials received = Credentials.fromJson(
          json.decode(e.newValue!),
        );
        Credentials? current = credentials.value;
        final bool authorized = _hasAuthorization;

        if (!authorized ||
            received.userId == current?.userId &&
                received.access.secret != current?.access.secret) {
          // These [Credentials] should be treated as current ones, so just
          // apply them as saving to local storage has already been performed
          // by another tab.
          _authRepository.token = received.access.secret;
          _authRepository.applyToken();
          credentials.value = received;
          _putCredentials(received);
          status.value = RxStatus.success();

          if (!authorized) {
            router.home();
          }
        } else {
          current = accounts[received.userId]?.value;
          if (received.access.secret != current?.access.secret) {
            // These [Credentials] are of another account, so just save them.
            _putCredentials(received);
          }
        }
      } else {
        final UserId? deletedId = accounts.keys.firstWhereOrNull(
          (k) => e.key?.endsWith(k.val) ?? false,
        );

        accounts.remove(deletedId);

        final bool currentAreNull = credentials.value == null;
        final bool currentDeleted = deletedId != null && deletedId == userId;

        if ((currentAreNull || currentDeleted) && !WebUtils.isPopup) {
          router.go(_unauthorized());
        }
      }
    }
  });

  return await WebUtils.protect(() async {
    final List<Credentials> allCredentials = await _credentialsProvider.all();
    for (final Credentials e in allCredentials) {
      WebUtils.putCredentials(e);
      _putCredentials(e);
    }

    final UserId? userId = _accountProvider.userId;
    final Credentials? creds =
        userId != null
            ? allCredentials.firstWhereOrNull((e) => e.userId == userId)
            : null;

    if (creds == null) {
      return _unauthorized();
    }

    final AccessToken access = creds.access;
    final RefreshToken refresh = creds.refresh;

    if (access.expireAt.isAfter(PreciseDateTime.now().toUtc())) {
      await _authorized(creds);
      status.value = RxStatus.success();
      return null;
    } else if (refresh.expireAt.isAfter(PreciseDateTime.now().toUtc())) {
      await _authorized(creds);

      if (_shouldRefresh(creds)) {
        refreshSession();
      }
      status.value = RxStatus.success();
      return null;
    } else {
      // Neither [AccessToken] nor [RefreshToken] are valid, should logout.
      return _unauthorized();
    }
  });
}