@pooflabs/core 0.0.33 → 0.0.34

package/dist/index.js

@@ -4013,13 +4013,15 @@ async function syncItems(paths, options) {
 const connections = new Map();
 const responseCache = new Map();
 const CACHE_TTL = 5 * 60 * 1000; // 5 minutes
-const TOKEN_REFRESH_BUFFER = 5 * 60 * 1000; // Refresh token 5 minutes before expiry
+const TOKEN_REFRESH_BUFFER = 10 * 60 * 1000; // Refresh token 10 minutes before expiry
+const TOKEN_CHECK_INTERVAL = 5 * 60 * 1000; // Check token freshness every 5 minutes
 // ============ WebSocket Config ============
 const BASE_MIN_RECONNECT_DELAY_MS = 1000;
 const MIN_RECONNECT_DELAY_JITTER_MS = 1000;
 const MAX_RECONNECT_DELAY_MS = 300000;
 const RECONNECT_DELAY_GROW_FACTOR = 1.8;
 const MIN_BROWSER_RECONNECT_INTERVAL_MS = 5000;
+const MAX_AUTH_REFRESH_RETRIES = 5;
 const WS_CONFIG = {
     // Keep retrying indefinitely so long outages recover without page refresh.
     maxRetries: Infinity,
@@ -4074,29 +4076,53 @@ function getTokenExpirationTime(token) {
         return null;
     }
 }
-function scheduleTokenRefresh(connection, token) {
+function scheduleTokenRefresh(connection, isServer) {
     // Clear any existing timer
     if (connection.tokenRefreshTimer) {
-        clearTimeout(connection.tokenRefreshTimer);
+        clearInterval(connection.tokenRefreshTimer);
         connection.tokenRefreshTimer = null;
     }
-    if (!token) {
-        return; // No token = unauthenticated, no refresh needed
-    }
-    const expirationTime = getTokenExpirationTime(token);
-    if (!expirationTime) {
-        return; // Can't parse expiration
-    }
-    const refreshTime = expirationTime - TOKEN_REFRESH_BUFFER;
-    const delay = refreshTime - Date.now();
-    if (delay <= 0) {
-        // Token already expired or about to expire, reconnect immediately
-        reconnectWithNewAuthV2();
-        return;
-    }
-    connection.tokenRefreshTimer = setTimeout(() => {
-        reconnectWithNewAuthV2();
-    }, delay);
+    // Periodic check: every TOKEN_CHECK_INTERVAL, check if the token needs refreshing.
+    // This replaces the old single setTimeout approach which was unreliable for long
+    // delays (browsers throttle/suspend timers in background tabs).
+    connection.tokenRefreshTimer = setInterval(async () => {
+        try {
+            const currentToken = await getIdToken(isServer);
+            if (!currentToken)
+                return; // Unauthenticated, nothing to refresh
+            const expirationTime = getTokenExpirationTime(currentToken);
+            if (!expirationTime)
+                return;
+            const timeUntilExpiry = expirationTime - Date.now();
+            if (timeUntilExpiry <= TOKEN_REFRESH_BUFFER) {
+                console.info('[WS v2] Token expiring soon, proactively refreshing and reconnecting');
+                // Refresh the token directly rather than going through getFreshAuthToken(),
+                // which only refreshes when the token is within 60s of expiry. We want to
+                // refresh as soon as we enter the buffer window to avoid unnecessary reconnects.
+                try {
+                    const currentRefreshToken = await getRefreshToken(isServer);
+                    if (!currentRefreshToken) {
+                        console.warn('[WS v2] No refresh token available for proactive refresh');
+                        return;
+                    }
+                    const refreshData = await refreshSession(currentRefreshToken);
+                    if (refreshData && refreshData.idToken && refreshData.accessToken) {
+                        await updateIdTokenAndAccessToken(refreshData.idToken, refreshData.accessToken, isServer);
+                        reconnectWithNewAuthV2();
+                    }
+                    else {
+                        console.warn('[WS v2] Proactive token refresh returned incomplete data');
+                    }
+                }
+                catch (refreshError) {
+                    console.warn('[WS v2] Proactive token refresh failed, will retry next interval:', refreshError);
+                }
+            }
+        }
+        catch (error) {
+            console.error('[WS v2] Error in periodic token check:', error);
+        }
+    }, TOKEN_CHECK_INTERVAL);
 }
 async function getFreshAuthToken(isServer) {
     const currentToken = await getIdToken(isServer);
@@ -4106,10 +4132,12 @@ async function getFreshAuthToken(isServer) {
     if (!isTokenExpired(currentToken)) {
         return currentToken;
     }
+    // Token is expired — attempt refresh
     try {
         const refreshToken = await getRefreshToken(isServer);
         if (!refreshToken) {
-            return currentToken;
+            console.warn('[WS v2] Token expired but no refresh token available');
+            return null;
         }
         const refreshData = await refreshSession(refreshToken);
         if (refreshData && refreshData.idToken && refreshData.accessToken) {
@@ -4120,7 +4148,11 @@ async function getFreshAuthToken(isServer) {
     catch (error) {
         console.error('[WS v2] Error refreshing token:', error);
     }
-    return currentToken;
+    // Return null instead of the expired token to prevent infinite 401 reconnect storms.
+    // The server accepts unauthenticated connections; auth-required subscriptions will
+    // receive per-subscription errors via onError callbacks.
+    console.warn('[WS v2] Token refresh failed, connecting without auth to prevent reconnect storm');
+    return null;
 }
 function hasDisconnectedActiveConnections() {
     for (const connection of connections.values()) {
@@ -4186,6 +4218,7 @@ async function getOrCreateConnection(appId, isServer) {
         tokenRefreshTimer: null,
         lastMessageAt: Date.now(),
         keepaliveTimer: null,
+        consecutiveAuthFailures: 0,
     };
     connections.set(appId, connection);
     // URL provider for reconnection with fresh tokens
@@ -4211,6 +4244,22 @@ async function getOrCreateConnection(appId, isServer) {
         const authToken = await getFreshAuthToken(isServer);
         if (authToken) {
             wsUrl.searchParams.append('authorization', authToken);
+            // Successful token acquisition — reset failure counter
+            connection.consecutiveAuthFailures = 0;
+        }
+        else {
+            // Check if user WAS authenticated (had a token that expired).
+            // If so, retry with exponential backoff before falling back to unauthenticated.
+            const expiredToken = await getIdToken(isServer);
+            if (expiredToken && isTokenExpired(expiredToken)) {
+                connection.consecutiveAuthFailures++;
+                if (connection.consecutiveAuthFailures <= MAX_AUTH_REFRESH_RETRIES) {
+                    console.warn(`[WS v2] Auth refresh failed (attempt ${connection.consecutiveAuthFailures}/${MAX_AUTH_REFRESH_RETRIES}), retrying with backoff`);
+                    throw new Error('Auth token refresh failed, retrying with backoff');
+                }
+                console.warn('[WS v2] Auth refresh retries exhausted, falling back to unauthenticated connection');
+            }
+            // No token at all (never authenticated) or retries exhausted — connect without auth
         }
         return wsUrl.toString();
     };
@@ -4223,11 +4272,9 @@ async function getOrCreateConnection(appId, isServer) {
         connection.isConnecting = false;
         connection.isConnected = true;
         connection.lastMessageAt = Date.now();
-        // Schedule token refresh before expiry
-        (async () => {
-            const token = await getIdToken(isServer);
-            scheduleTokenRefresh(connection, token);
-        })();
+        connection.consecutiveAuthFailures = 0;
+        // Schedule periodic token freshness checks
+        scheduleTokenRefresh(connection, isServer);
         // Re-subscribe to all existing subscriptions after reconnect
         for (const sub of connection.subscriptions.values()) {
             sub.lastData = undefined;
@@ -4272,7 +4319,7 @@ async function getOrCreateConnection(appId, isServer) {
     ws.addEventListener('close', () => {
         connection.isConnected = false;
         if (connection.tokenRefreshTimer) {
-            clearTimeout(connection.tokenRefreshTimer);
+            clearInterval(connection.tokenRefreshTimer);
             connection.tokenRefreshTimer = null;
         }
         if (connection.keepaliveTimer) {
@@ -4518,7 +4565,7 @@ async function removeCallbackFromSubscription(connection, subscriptionId, callba
     if (connection.subscriptions.size === 0 && connection.ws) {
         // Clear token refresh timer
         if (connection.tokenRefreshTimer) {
-            clearTimeout(connection.tokenRefreshTimer);
+            clearInterval(connection.tokenRefreshTimer);
             connection.tokenRefreshTimer = null;
         }
         connection.ws.close();
@@ -4534,7 +4581,7 @@ async function closeAllSubscriptionsV2() {
     for (const [appId, connection] of connections) {
         // Clear token refresh timer
         if (connection.tokenRefreshTimer) {
-            clearTimeout(connection.tokenRefreshTimer);
+            clearInterval(connection.tokenRefreshTimer);
             connection.tokenRefreshTimer = null;
         }
         if (connection.ws) {
@@ -4603,6 +4650,8 @@ async function reconnectWithNewAuthV2() {
             pending.resolve();
         }
         connection.pendingUnsubscriptions.clear();
+        // Reset auth failure counter — this is a proactive reconnect (login, token refresh)
+        connection.consecutiveAuthFailures = 0;
         // Close the WebSocket (this triggers reconnection in ReconnectingWebSocket)
         // We use reconnect() which will close and re-open with fresh URL (including new token)
         try {