Hi i am using meteorjs and a 3rd party api to create users on 3rd party's database.
I am getting access tokens with oauth2 and tokens have 2 hour expiry. After getting the access token with an async function I use it with couple of different methods.
However instead of calling an async function every time I need an access token, I would like to store it on server until it expires.
what is the best practice to store them securely and use it globally on the server?
many thanks in advance
I end up using global var to store the token on server;
token = '';
Meteor.methods({
refreshToken: function () {
token = getToken();
...
});
and now
token
is available for all methods. and I also check if the token still valid and refresh the token if the expiry is within 300 seconds.And the code for that part is as follows:
const EXPIRATION_WINDOW_IN_SECONDS = 300;
const expirationTimeInSeconds = token.expires_at.getTime() / 1000;
const expirationWindowStart = expirationTimeInSeconds - EXPIRATION_WINDOW_IN_SECONDS;
const nowInSeconds = (new Date()).getTime() / 1000;
const shouldRefresh = nowInSeconds >= expirationWindowStart;
if (shouldRefresh) {
try {
//refresh the token
} catch (error) {
console.log('Error refreshing access token: ', error.message);
}
}