Changed logic for auth token refresh

2025-12-02 15:37:37 -03:00
parent a65719b631
commit 5b7c499212
8 changed files with 351 additions and 4 deletions
--- a/backend/src/main.py
+++ b/backend/src/main.py
@@ -196,6 +196,19 @@ async def logout(request: Request):
    return AuthController.logout()


+# Define the token refresh endpoint
+@app.post("/api/auth/refresh")
+async def refresh_token(request: Request):
+    """
+    Silently refresh the access token using the refresh token cookie.
+    This should be called by the frontend before the access token expires.
+
+    Returns:
+        dict: Success status and new expiration time.
+    """
+    return AuthController.refresh_token(request)
+
+
 # Define the protected endpoint (kept for API token-based access)
@app.get("/api/protected", response_model=UserInfo)
 async def protected_endpoint(