* fix: unattended component reload due to session changes
When the session is updated, status goes back to loading then
authenticated or unauthenticated. session.accessTokenExpires may also be
updated.
This triggered various component refresh at unattented times, and brake
the user experience.
By splitting to only what's needed with memoization, it will prevent
unattented refresh.
* review
* review: change syntax
With NextAuth, there is a race condition of the current implementation
of refreshToken using multiple tab. Because getSession() is broadcasted
(or triggered by another component, window focus or such), we may ask
for the jwt() to be refreshed at the same time.
The problem is the first time will go correctly, while all others calls
will be rejected as they are using a revoked token.
This redis lock is per-user, and will use redis lock as a source of
truth.
* sso: first pass for integrating SSO
still have issue on refreshing
maybe customize the login page, or completely avoid it
make 100% to understand how session server/client are working
need to test with different configuration option (features flags and
requireLogin)
* sso: correctly handle refresh token, with pro-active refresh
Going on interceptors make extra calls to reflector when 401.
We need then to circle back with NextJS backend to update the jwt,
session, then retry the failed request.
I prefered to go pro-active, and ensure the session AND jwt are always
up to date.
A minute before the expiration, we'll try to refresh it. useEffect() of
NextJS cannot be asynchronous, so we cannot wait for the token to be
refreshed.
Every 20s, a minute before the expiration (so 3x in total max) we'll try
to renew. When the accessToken is renewed, the session is updated, and
dispatching up to the client, which updates the useApi().
Therefore, no component will left without a incorrect token.
* fixes: issue with missing key on react-select-search because the default value is undefined
* sso: fixes login/logout button, and avoid seeing the login with authentik page when clicking
* sso: ensure /transcripts/new is not behind protected page, and feature flags page are honored
* sso: fixes user sub->id
* fixes: remove old layout not used
* fixes: set default NEXT_PUBLIC_SITE_URL as localhost
* fixes: removing fief again due to merge with main
* sso: ensure session is always ready before doing any action
* sso: add migration from fief to jwt in server, only from transcripts list
* fixes: user tests
* fixes: compilation issues
