chore: sign user out if token is expired (#109)

Closes #107.

When the menu bar icon is clicked, and the user is signed in, and the VPN is disabled, the app will check if the token is expired. If it is, the user will be signed out.

We could have checked this when the VPN is enabled, but the UX seemed worse, and the implementation would have been messy. We would have needed to sign the user out and show an error. Instead, we'll check for expiry in a scenario where the next user step would likely be an interaction that requires a session. 
This approach also future-proofs for when functionality becomes usable without the VPN.

Author: ethanndickson

Coder-Desktop/Coder-Desktop/Coder_DesktopApp.swift

@@ -40,11 +40,21 @@ class AppDelegate: NSObject, NSApplicationDelegate {
     }
 
     func applicationDidFinishLaunching(_: Notification) {
-        menuBar = .init(menuBarExtra: FluidMenuBarExtra(title: "Coder Desktop", image: "MenuBarIcon") {
-            VPNMenu<CoderVPNService>().frame(width: 256)
-                .environmentObject(self.vpn)
-                .environmentObject(self.state)
-        })
+        menuBar = .init(menuBarExtra: FluidMenuBarExtra(
+            title: "Coder Desktop",
+            image: "MenuBarIcon",
+            onAppear: {
+                // If the VPN is enabled, it's likely the token isn't expired
+                guard case .disabled = self.vpn.state, self.state.hasSession else { return }
+                Task { @MainActor in
+                    await self.state.handleTokenExpiry()
+                }
+            }, content: {
+                VPNMenu<CoderVPNService>().frame(width: 256)
+                    .environmentObject(self.vpn)
+                    .environmentObject(self.state)
+            }
+        ))
         // Subscribe to system VPN updates
         NotificationCenter.default.addObserver(
             self,

Coder-Desktop/Coder-Desktop/State.swift

@@ -2,10 +2,12 @@ import CoderSDK
 import Foundation
 import KeychainAccess
 import NetworkExtension
+import os
 import SwiftUI
 
 @MainActor
 class AppState: ObservableObject {
+    private let logger = Logger(subsystem: Bundle.main.bundleIdentifier!, category: "AppState")
     let appId = Bundle.main.bundleIdentifier!
 
     // Stored in UserDefaults
@@ -102,6 +104,9 @@ class AppState: ObservableObject {
         )
         if hasSession {
             _sessionToken = Published(initialValue: keychainGet(for: Keys.sessionToken))
+            if sessionToken == nil || sessionToken!.isEmpty == true {
+                clearSession()
+            }
         }
     }
 
@@ -112,6 +117,24 @@ class AppState: ObservableObject {
         reconfigure()
     }
 
+    public func handleTokenExpiry() async {
+        if hasSession {
+            let client = Client(url: baseAccessURL!, token: sessionToken!)
+            do {
+                _ = try await client.user("me")
+            } catch let ClientError.api(apiErr) {
+                // Expired token
+                if apiErr.statusCode == 401 {
+                    clearSession()
+                }
+            } catch {
+                // Some other failure, we'll show an error if they try and do something
+                logger.error("failed to check token validity: \(error)")
+                return
+            }
+        }
+    }
+
     public func clearSession() {
         hasSession = false
         sessionToken = nil

Coder-Desktop/CoderSDK/Client.swift

@@ -104,10 +104,10 @@ public struct Client {
 }
 
 public struct APIError: Decodable, Sendable {
-    let response: Response
-    let statusCode: Int
-    let method: String
-    let url: URL
+    public let response: Response
+    public let statusCode: Int
+    public let method: String
+    public let url: URL
 
     var description: String {
         var components = ["\(method) \(url.absoluteString)\nUnexpected status code \(statusCode):\n\(response.message)"]

Coder-Desktop/project.yml

@@ -92,10 +92,12 @@ packages:
     url: https://github.com/SimplyDanny/SwiftLintPlugins
     from: 0.57.1
   FluidMenuBarExtra:
-    # Forked so we can dynamically update the menu bar icon.
+    # Forked to:
+    # - Dynamically update the menu bar icon
+    # - Set onAppear/disappear handlers.
     # The upstream repo has a purposefully limited API
     url: https://github.com/coder/fluid-menu-bar-extra
-    revision: 020be37
+    revision: 96a861a
   KeychainAccess:
     url: https://github.com/kishikawakatsumi/KeychainAccess
     branch: e0c7eebc5a4465a3c4680764f26b7a61f567cdaf