Flutter Auth Client
Component Detail
Description
Client-side Riverpod service (no codegen) that calls the Auth Service REST endpoints, stores the access token in memory and the refresh token in flutter_secure_storage (iOS Keychain / Android Keystore), and transparently retries requests on 401 by calling the refresh endpoint.
flutter-auth-client
Sources & reasoning
The implementation notes explicitly specify flutter_secure_storage (iOS Keychain / Android Keystore) and the source doc describes an ApiHttpClient with auto-refresh on 401. The mobile auth client encapsulates these concerns so the login UI and other features interact with a single typed auth state rather than raw token storage.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Call sign-in and sign-out endpoints and persist tokens securely
- Store refresh token in flutter_secure_storage (platform secure enclave)
- Auto-refresh access token on 401 response before retrying the original request
- Expose authentication state to the Riverpod widget tree
Interfaces
signIn(email, password) → Future<void>
signOut() → Future<void>
getAccessToken() → String?
authState → Stream<AuthState>
Relationships
Related Data Entities (3)
Data entities managed by this component