For the MedSafe 2.0 we have developed custom Authorization Flow, which is located in Auth Module and its dependents.
Here will be described common issues and ways to solve them.
How to...
...fetch user details?
To fetch user data call https://<env|client>-backend.medvision360.org/person/, where <env|client> - your environment/client and personId - id which can be taken from the accessToken. Our Auth Module automatically adds the id to the NgRx Store.
What is NOT implemented yet
Coach/Doctor behaviors
Unfortunately, for now we don't have any Doctor specific APIs. You can do everything for Patient, but for the Doctor - not.
Known bugs
There're several known bugs in the Auth Module. We are working on them.
Wrong redirect on sign-up
Expected fix time: up to several months
After user signs up, he receives an email with the confirmation link. Now the link is only one and it follows the user to the corresponding Patient module.
For example - if user signed up at https://dev-coach.medvision360.org/ he will be redirected to https://dev.medvision360.org/ no matter what is his role.
Wrong use field enum for Addresses at the Onboarding page
Expected fix time: 1-2 weeks
The enum should use [ home, work, temp, old ] values, but currently we have [ HOME, WORK, TEMP, OLD ] values there.
Token refresh
Expected fix time: 2-3 weeks
Unfortunately, after accessToken expires, the Auth Module doesn't renew it automatically. So after 15 minutes of session is expired and any new user action asks him to re-login.
No auto log-out
When session expired, user still can see current page. But any route action will navigate him to the Login page. After the fix user will be automatically redirected to the Login right at the moment when token is expired.
State cleanup
Expected fix time: 1-2 weeks
NgRx state is not cleaned on logout at all, only localStorage data is cleared.