2

What is the best approach for authentication flow in a PWA when it's offline? I am using OIDC client js for online authentication flow.

Severus

1 Answer

2

The Authorization Server sits alongside your APIs so I would treat both the same:

  • If the device is offline you cannot call your APIs so you have to use data that is cached locally - such as that for the last rendered view
  • If the device is offline you also cannot perform user authentication or token refresh operations

Nothing about OIDC behaviour would change - you just need a design pattern for API access, which does not really depend on the technology you are using:

  • MyView uses a MyApiClient
  • When online, MyApiClient initiates OAuth related calls if there is no token yet, then adds a token to the Authorization header and calls MyApi
  • When offline, MyApiClient looks in a local cache instead and displays cached data if it can, while also informing the user they are offline
Gary Archer
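
The MyApiClient pattern from the answer above, as an added JavaScript example that is not part of the original answer or of oidc-client-js. `isOnline`, `getAccessToken`, `httpGet` and `makeDemo` are hypothetical injected stand-ins, and holding the token in memory while caching only response data is this example's assumption.

```javascript
// Added sketch of the MyApiClient pattern; all collaborators are injected
// stand-ins (hypothetical names), not oidc-client-js or a real API.
class MyApiClient {
  constructor({ isOnline, getAccessToken, httpGet, cache }) {
    this.isOnline = isOnline;             // () => boolean, e.g. wraps navigator.onLine
    this.getAccessToken = getAccessToken; // async () => string, runs the OAuth calls
    this.httpGet = httpGet;               // async (path, headers) => { status, body }
    this.cache = cache;                   // Map-like store of the last good responses
    this.token = null;                    // kept in memory only, never written to the cache
  }

  async getData(path) {
    if (!this.isOnline()) {
      // Offline: no login, no token refresh, no API call. Serve cached data
      // and flag the result so the view can tell the user they are offline.
      const data = this.cache.has(path) ? this.cache.get(path) : null;
      return { data, offline: true };
    }
    // Online: initiate the OAuth calls only if there is no token yet.
    if (!this.token) {
      this.token = await this.getAccessToken();
    }
    const res = await this.httpGet(path, { Authorization: `Bearer ${this.token}` });
    if (res.status !== 200) {
      throw new Error(`API call failed with status ${res.status}`);
    }
    this.cache.set(path, res.body); // remembered for the next offline render
    return { data: res.body, offline: false };
  }
}

// Constructed demo wiring: fake network state, token issuer and API.
function makeDemo() {
  const state = { online: true, tokenCalls: 0, apiCalls: [] };
  const client = new MyApiClient({
    isOnline: () => state.online,
    getAccessToken: async () => { state.tokenCalls += 1; return "constructed-token"; },
    httpGet: async (path, headers) => {
      state.apiCalls.push({ path, headers });
      return { status: 200, body: { items: ["a", "b"] } };
    },
    cache: new Map(),
  });
  return { client, state };
}
```

MyView would call `getData` and show an offline notice whenever the result has `offline: true`.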