Files
tm_app/lib/core/constants/pref_keys.dart
T
AmirReza Jamali deda384aaa Harden AuthInterceptor: retry guard, single-flight refresh, shared pref keys
Addresses PR review on the auth interceptor:

- Guard against unbounded retry recursion: tag the replayed request with
  extra['auth_retried'] and skip the refresh/replay path on a second 401 so
  it can't recurse refresh -> replay indefinitely. Drop the redundant manual
  Authorization header on the replay (onRequest re-injects it).
- Fix the concurrent-refresh race: coalesce concurrent 401s onto a single
  in-flight refresh future so the rotating refresh token is only consumed
  once, instead of later refreshes posting an already-consumed token and
  spuriously logging out. (Chose the shared-future approach over
  QueuedInterceptor, which deadlocks with the replay-via-same-Dio pattern.)
- Centralise the 'bearer' / 'refresh_token' / 'customer_data' pref keys in
  a PrefKeys constants class used by the interceptor, network manager, auth
  service and router so they can't silently diverge.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 12:21:03 +03:30

13 lines
484 B
Dart

/// Keys used for values persisted in [SharedPreferences].
///
/// Centralised here so the auth flow, the network layer and the router all
/// agree on the same key. Renaming a key in one place would otherwise silently
/// diverge from the others (e.g. the interceptor's defensive logout fallback).
class PrefKeys {
PrefKeys._();
static const String bearer = 'bearer';
static const String refreshToken = 'refresh_token';
static const String customerData = 'customer_data';
}