Contents

Desp0o/IzziSession

izziSession is a simple manager for secure token storage, validation, and seamless authentication handling.

Features ๐Ÿš€

  • Save Tokens in Keychain.
  • Retrieve Tokens from Keychain.
  • Delete Tokens from Keychain.
  • Easily Verify Token Validity: Check if the token is still valid with a simple method.
  • Default Token Models or Custom Codable Models.

Default Keys for Keychain ๐Ÿ”‘

| Parameter | Key | :-------------- | :-------------------- | | accessTokenKey | izzi.session.accessToken| | refreshTokenKey | izzi.session.refreshToken|

Configuration โš™๏ธ

| Parameter | Key | Description | Default Value | | :--------------------- | :--------------------------------------- | :--------------------------------------------- | :------------------------------------------ | | apiEndpoint | string | Required. API endpoint. | N/A | | customRequestBuilder | ((String) -> RequestModel) | Optional. A closure that builds a custom request model using the refreshToken. | DefaultRefreshRequestModel | | tokenExtractor | ((ResponseModel) -> String) | Required. A closure that extracts the token (e.g., accessToken) from the API response. | DefaultTokenResponseModel |

Usage Guide ๐Ÿ“–

First, inject izziSessionManager into your project

final class MyProject {
  private let izziSession: IzziSessionManager  

  init(izziSession: IzziSessionManager = IzziSessionManager()) {
    self.izziSession = izziSession
  }
}

Then, save the returned tokens from the response in Keychain for future use

do {
    let response: MyResponseModel = // API call to log in the user  
    try izziSession.saveTokensToKeychain(accessToken: response.access, refreshToken: response.refresh)
} catch {
    print(error)
}

Check validity with default response and request models

After successfully logging in and securely saving the tokens, on the appโ€™s next launch, we can check token validity in RouterManager (or anywhere else) to decide where to navigate the user.

You can do this with a single line of code:

let api = "https://test.com/check_token"

do {
    try await izziSession.verifyTokenValidity(apiEndpoint: api)
    
    // Navigate user to the main screen
} catch {
    print(error)
    
    // Navigate user to the login screen
}

With the code above, we check token validity using the default request and response models, which are structured as follows:

struct DefaultRequestModel: Codable {
  let refresh: String
}

struct DefaultRsponseModel: Codable {
  let access: String
}

If your API only sends and receives tokens, you can freely use these default models and simply call: izziSession.verifyTokenValidity(apiEndpoint: api)

Check validity with custom response and request models

If your API requires additional informationโ€”such as a device ID or other parametersโ€”along with the token, you need to send a custom request model and handle a custom response model.

struct CustomRequestModel: Codable {
  let refreshToken: String
  let clientId: String
}

struct CustomResponseModel: Codable {
  let accessToken: String
  let deviceId: String
  let appVersion: String
}

-------

let api = "https://test.com/check_token"

do {
    try await izziSession.verifyTokenValidity(
      apiEndpoint: api,
      customRequestBuilder: { refreshToken in
        CustomRequestModel(refreshToken: refreshToken, clientId: "client123") // Custom request model
      },
      tokenExtractor: { (response:CustomResponseModel) in // Custom response model
        response.accessToken
      }
    )
        
    // your code to forward user in main screen
} catch {
    print(error)

    // forward user in login screen
}

Delete Tokens from Keychain ๐Ÿ—‘๏ธ

To log out a user, you must also delete the tokens stored in the keychain. Use the following izziSession function:

func logOut() {
  do {
    try izziSession.deleteTokensFromKeychain()
      
    // Your logout logic
  } catch {
    print("Error during logout: \(error)")
  }
}

Other Functions ๐Ÿ”ง

Additionally, if needed, you can use the following functions:

try izziSession.getAccessToken() // Retrieve only the access token  
try izziSession.getRefreshToken() // Retrieve only the refresh token  
try izziSession.saveOnlyAccessToken(token: "testToken") // Save only the access token  
try izziSession.saveOnlyRefreshToken(token: "testToken") // Save only the refresh token

Installation via Swift Package Manager ๐Ÿ–ฅ๏ธ

  • Open your project.
  • Go to File โ†’ Add Package Dependencies.
  • Enter URL: https://github.com/Desp0o/izziSession.git
  • Click Add Package.

Contact ๐Ÿ“ฌ

  • Email: tornike.despotashvili@gmail.com
  • LinkedIn: https://www.linkedin.com/in/tornike-despotashvili-250150219/
  • github: https://github.com/Desp0o

Package Metadata

Repository: Desp0o/IzziSession

Stars: 0

Forks: 0

Open issues: 0

Default branch: main

Primary language: swift

License: MIT

Topics: api, apple, auth, authentication, authentication-middleware, authorization, ios, jwt, session, swift, token

README: README.md