This project uses ky with @tanstack/query to simulate a custom refresh logic for a jwt refresh flow when backend returns 401 Unauthorized.
The backend is mocked via msw and returns a status code 401 as long as the Authorization header does not contain Bearer valid-token" (see /src/mocks/handlers.ts)
- A request to the BE is made with an invalid token
- The backend responds with a
401status code - A request to
/auth/refreshis made. All requests to the backend are blocked until/auth/refreshreturns a response (alwaysvalid-token) - The new token is stored
- The original request that responded with a
401is retried - The other request that was blocked will automatically continue with the new
valid-token
The button Retry invalid flow removes the token and clears out the query cache.
When retying the invalid flow the second request will also go out to the backend and return a 401, this is because the second request starts before the backend responded to the first request, which can be verified from the waterfall in the network tab.