Add support for some sort of logout ? #35

nashfive · 2017-08-21T08:50:04Z

Superb is working great so far in our code.

One thing we are missing though is some sort of a manual logout process (i.e., clearing the token). Keeping an external reference on the token storage and calling clearToken() seem too easy and might be dangerous because of multi-threading.

Do you think that adding a logout() method on the request authorizer is a better way to reach that goal ?

sharplet · 2017-08-21T18:26:33Z

I think it should be straightforward to expose a clearToken() method to RequestAuthorizer that updates the token storage in a thread-safe way. I've been trying to think about whether this would interact in a confusing way with the authentication state, but I can't think of any issues:

If you call clearToken() while unauthenticated, nothing happens
If you call clearToken() while authenticating, nothing happens, and you are still authenticating. Pending requests will be unaffected.
If you call clearToken() while authenticated, you can safely update your UI accordingly (provided no error is thrown when accessing the keychain). Subsequent requests will just show the authentication UI again.

I'm working on a PR for this, so you should have something to test out soon.

Superb is working great so far in our code.

That's great to hear! 😃

sharplet mentioned this issue Aug 21, 2017

Add RequestAuthorizer.clearToken() #36

Merged

sharplet closed this as completed in #36 Aug 21, 2017

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Add support for some sort of logout ? #35

Add support for some sort of logout ? #35

Uh oh!

Uh oh!

Add support for some sort of logout ? #35

Add support for some sort of logout ? #35

Comments

Uh oh!