artem
Tesla: intercept 401 and refresh token on demand
Hi all
I am building a small web service that is essentially a nice looking wrapper around an external API. It reads user details from that external API, if user details list orders, then more API calls to read those orders details and present it all together in a nice looking web page.
API is oauth-authenticated and I work with it via server flow.. not sure if it’s correct name. Basically it’s my server that gets an auth token and fetches data, user doesn’t need to approve anything.
I use Tesla to access this third party API and it works very well except for when auth token expires. Then API returns 401, I need to refresh token (yet another http request) and then retry what I was doing.
It’s not a rocket science to handle it, yet still somewhat inconvenient to bake this readiness to 401+retry everywhere.
In JavaScript axios library similar situations are handled with “interceptors”. Interceptors can catch 401, “put original request on pause”, go execute another request for refreshing token, resume (or actually retry) original request wi th the renewed token.
- Can something like this be done with Tesla as well?
- Or what would be the proper elixir way to renew tokens on demand?
Most Liked
JohnnyCurran
Does the Retry middleware help?
Though I’m not sure if this will let you change the actual request being made, like hitting /oauth/token to get a new token if a request fails…
zorn
In my current work, I renew expired tokens (or soon to be expiring) before I do my external network calls. I added that “soon to be expiring” logic after observing some poor alignment in our Oban jobs that ran every 60m and then tokens expiring every 60m .. and full pagination capture to go past expiration.
Sorry I don’t have a good solution for you, but wanted to chime in and see what other people say too.
zorn
Right now, it is on demand. The module exposes a fetch_user function and to return the full list of users (which may require synchronous paginated results), we renew the token (if needed) and then start paginated requests.
There is an Oban Job that utilizes the module to do its work (which is out of cycle of normal user activity).
If you want to chat about our setup, I’m happy to do a private demo.
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance









