Forem: Elys Maldov The latest articles on Forem by Elys Maldov (@elys_m). https://forem.com/elys_m https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F2628217%2F58c4e583-572a-47d9-a605-9116e68959ba.png Forem: Elys Maldov https://forem.com/elys_m en A low-cost idea to automate your e-commerce platform with Payload CMS and Hermes Agent Elys Maldov Thu, 19 Mar 2026 16:50:35 +0000 https://forem.com/elys_m/a-low-cost-idea-to-automate-your-e-commerce-platform-with-payload-cms-and-hermes-agent-4j55 https://forem.com/elys_m/a-low-cost-idea-to-automate-your-e-commerce-platform-with-payload-cms-and-hermes-agent-4j55 <p>A few days ago, I saw this tweet on Indonesian X about how sellers are moving to their own marketplace platforms due to increasing e-commerce platform fees:</p> <p> <iframe class="tweet-embed" id="tweet-2033512460813312279-794" src="https://platform.twitter.com/embed/Tweet.html?id=2033512460813312279"> </iframe> // Detect dark theme var iframe = document.getElementById('tweet-2033512460813312279-794'); if (document.body.className.includes('dark-theme')) { iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=2033512460813312279&amp;theme=dark" } </p> <p>I remembered a few months ago Payload CMS finally released an update to their <a href="https://payloadcms.com/docs/ecommerce/overview" rel="noopener noreferrer">e-commerce template</a>. After trying it out, it gives you a really good setup for a basic e-commerce with auth, inventory management, cart, and even payment flow using Stripe (with an option to create integrate your own payment method). It even has marketing features such as SEO and page builder, and of course you can customize Payload CMS in any way you want even white-labelling it to use with multiple clients easily.</p> <p>In other news, Hermes Agent has been trending recently on the AI space due to it being a "better" version of OpenClaw. After giving Hermes Agent a spin, I got to say it's very capable, easier to setup, and runs better than OpenClaw! I really appreciate how easy it is to setup the agent with your WhatsApp/Telegram and use it like you would message your personal assistant. It also has a lot of built-in tools to do business stuff like analyzing data, drafting emails, and any task you can automate. It even has memory so it remembers who you are better the more you use it.</p> <p>Considering how much AI agents and LLMs have grown to help automating our tasks and making building products quicker, it wouldn't be crazy to try to build your own e-commerce platform and integrate an actual ai assistant that helps you automate operations so you can focus on important business stuff. In this article, I'll walk you through how to use Payload CMS to build a low-cost e-commerce platform and powering it with Hermes Agent to automatically assist in managing your platform.</p> <h2> What we'll do </h2> <p>We'll setup a basic e-commerce platform complete with auth, inventory management, cart, payment, SEO, and page builder. We won't have to code much since we can just use Payload CMS with its e-commerce template, which basically provides all of those out-of-the-box. Next, we'll setup Hermes Agent locally and connect it to our Payload CMS e-commerce platform using MCP. In the end, we'll have a basic e-commerce platform and an agent we can talk to help manage our platform such as updating the inventory, analyzing user's carts, and even creating blog posts for marketing.</p> <p>You can clone this project's repo here: <a href="https://github.com/ElysMaldov/payload-hermes-ecommerce" rel="noopener noreferrer">ElysMaldov/payload-hermes-ecommerce</a></p> <h2> Setup Payload CMS with e-commerce template </h2> <p>Make sure you've setup your environment to install <a href="https://payloadcms.com/docs/getting-started/installation" rel="noopener noreferrer">Payload CMS</a>, then follow the <a href="https://github.com/payloadcms/payload/tree/main/templates/ecommerce#quick-start" rel="noopener noreferrer">e-commerce template quickstart</a>. For this tutorial, we'll be using SQLite for the database, but you can use any DB you want.</p> <p>Once finished, you can run the program with <code>pnpm dev</code>. I won't go into details about how Payload CMS nor this template works, but just know now we have 2 apps in this 1 project that you can customize however you want:</p> <p>The client facing e-commerce platform in <code>localhost:3000</code>:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5mhe7g3c3a8unj0chnht.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5mhe7g3c3a8unj0chnht.png" alt=" "></a></p> <p>And the admin dashboard in <code>localhost:3000/admin</code>:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fshfa9ysagswg8orqralp.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fshfa9ysagswg8orqralp.png" alt=" "></a></p> <h2> Exploring Payload CMS E-commerce </h2> <p>On the first run, follow the instructions to open the admin dashboard, create your first admin account, seed the database, and go try out the features Payload provides. Optionally, you can create a Stripe account and give it your sandbox mode API key to try out the payment flow. For my Indonesian fellows, you can create custom Payment methods for Xendit, Midtrans, and any other gateways by following this tutorial: <a href="https://payloadcms.com/docs/ecommerce/payments#making-your-own-payment-adapter" rel="noopener noreferrer">Payment Adapters | Documentation | Payload</a>.</p> <p>When your database is seeded, you should now able to see the client e-commerce app is updated with new pages, mainly the Shop page:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyspxog9api2cthvnmrse.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyspxog9api2cthvnmrse.png" alt=" "></a></p> <p>You can manage your inventory in the admin dashboard by opening the Products collection:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3wledm3b3kazftiozv17.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3wledm3b3kazftiozv17.png" alt=" "></a></p> <p>As a customer, you can add items to cart, pick product variants, and pay it on the checkout page. As an admin, you can manage all of these data in the admin dashboard. It's really comprehensive for a e-commerce starter, but the template lacks shipping and activity logs, which you can add your own later.</p> <h2> Setting up Hermes Agent </h2> <p>Follow the docs to <a href="https://hermes-agent.nousresearch.com/docs/getting-started/quickstart" rel="noopener noreferrer">install your Hermes Agent</a>. For this tutorial, I'll be using Nous Portal provider, WSL2, and Telegram Bot to communicate with the agent. I created a new WSL2 instance just for this tutorial with this command: <code>wsl --install Ubuntu --name PayloadHermesEcommerce</code>, this prevents the agent from messing with my other existing WSLs. We can assume the agent is working if you can chat with it through the messaging gateway you setup (for me it's Telegram).<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwcl8tbtte8dal7g0dwsk.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fwcl8tbtte8dal7g0dwsk.png" alt=" "></a></p> <h2> Integrating Hermes with Payload using MCP plugin </h2> <p>Currently, our Hermes Agent can't really communicate with our Payload app. Sure, we could prompt it to learn our Payload app's API endpoints and make skills/tools for it, but a much more organized way is using MCP. We first need to setup <a href="https://payloadcms.com/docs/plugins/mcp" rel="noopener noreferrer">Payload MCP Plugin</a>, this gives us an organized method to control what our agent can access on our Payload app. Once the MCP server is setup, you can enable/disable which collections and other data your agent can utilize through the MCP. For this tutorial, I enable all the e-commerce collections.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code> <span class="nf">mcpPlugin</span><span class="p">({</span> <span class="na">collections</span><span class="p">:</span> <span class="p">{</span> <span class="na">addresses</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">carts</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">categories</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">forms</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">media</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">orders</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">pages</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">products</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">transactions</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">users</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">variantOptions</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">variants</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">variantTypes</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="dl">'</span><span class="s1">form-submissions</span><span class="dl">'</span><span class="p">:</span> <span class="p">{</span> <span class="na">enabled</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <p>Next, you need to configure the MCP client in Hermes Agent config. Open your <code>.hermes/config.yaml</code> and add this section:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">mcp_servers</span><span class="pi">:</span> <span class="na">PayloadHermesEcommerce</span><span class="pi">:</span> <span class="na">type</span><span class="pi">:</span> <span class="s2">"</span><span class="s">http"</span> <span class="na">url</span><span class="pi">:</span> <span class="s2">"</span><span class="s">http://windows.local:3000/api/mcp"</span> <span class="na">headers</span><span class="pi">:</span> <span class="na">Authorization</span><span class="pi">:</span> <span class="s2">"</span><span class="s">Bearer</span><span class="nv"> </span><span class="s">API-KEY-HERE"</span> </code></pre> </div> <p>Replace your <code>API-KEY-HERE</code> with the API key you get from Payload CMS API Keys collection in the admin dashboard that was created from the MCP plugin. </p> <p>Sidenote: your MCP setup might be different from mine, since I run my Hermes Agent on WSL2, I created a custom host <code>windows.local</code> to target my Window host IP address and reach my Payload through <code>localhost:3000</code>, if you run the Payload in another server or alongside where Hermes Agent is running, you might be able to just use localhost or target the Payload host directly.</p> <p>Now run your Payload app and call <code>/reload-mcp</code> on your Hermes Agent. If it works, you should see a success message informing PayloadHermesEcommerce MCP has been added to the agent. I used PayloadHermesEcommerce for a more descriptive name. To test out that the MCP works, try asking your Hermes about what products your e-commerce have:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>What products does my e-commerce have? </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhyr4tikwo9c3z06hhe5y.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fhyr4tikwo9c3z06hhe5y.png" alt=" "></a></p> <p>Hermes will use the tools provided in the MCP and return products from your platform.</p> <h2> Things you can do with the integration </h2> <p>Now it's the fun part! With the MCP running, you are able to manage your Payload e-commerce platform in multiple ways. Let's try researching new products and adding it to the listing by sending this message to the agent through Telegram.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Research 3 Y2K styled clothing items and add them to our platform. Make sure each item has at least 1 image you download from the internet to the gallery and descriptive details. Make sure you fill out the SEO details completely. </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmnqtn4t01cglhvcfqmsm.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmnqtn4t01cglhvcfqmsm.png" alt=" "></a><br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F07v6qukmeeneldra0rls.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F07v6qukmeeneldra0rls.png" alt=" "></a></p> <p>Next, let's make a few fake users and transactions, then create a PDF report about our store's performance:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Please make 3 fake customers and 20 fake transactions with variative orders, status, and total. Then, create a PDF report about how our platform is performing and recommendations to improve our sales. </code></pre> </div> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl8uaaxnqon09mehkhx5t.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fl8uaaxnqon09mehkhx5t.png" alt=" "></a></p> <p>There are multitude of ways you can utilize this integration:</p> <ul> <li>Setup cron job to research the market and update the product listing daily</li> <li>Research and write blog posts or promotion pages with good SEO for your products</li> <li>Analyze stale carts and automatically send personalized emails to remind the user</li> <li>Ask about transaction and orders data to create PDF/Excel reports</li> <li>Feed Hermes with your business information to build a FAQ database</li> <li>Integrate chatbot feature on the e-commerce client app with distinct personality</li> <li>Many more! You can ask Hermes to do all of that just through your Telegram, WhatsApp, and any other messaging gateway you setup. This gives admins an easy way to operate your e-commerce platform.</li> </ul> <h2> Deployment </h2> <p>I won't go into details on how to deploy this but since Payload CMS is a Next.js app, you can deploy it in Vercel and any other methods such as a VPS. For Hermes Agent, you can deploy it to a VPS and set up the Payload MCP to direct to your deployed Payload app. If you use another database such as Postgres, you need to also deploy and manage that. Since you own the source code and agent setup, you are able to optimize your infrastructure cost based on your needs.</p> <h2> Conclusion </h2> <p>AI agents are developing super quickly and its making building products and automating tasks accessible to a wider range of audience. By using Payload CMS e-commerce template with its MCP plugin capabilities, we can create an AI assistant with Hermes Agent that helps automate your e-commerce operations. Since you now own the e-commerce platform and AI agent, you can optimize your expenses.</p> payloadcms hermes webdev ai Reactively logout users on token refresh failure from Dio interceptors using RxDart in Flutter Elys Maldov Sat, 31 Jan 2026 15:33:24 +0000 https://forem.com/elys_m/reactively-logout-users-on-token-refresh-failure-from-dio-interceptors-using-rxdart-in-flutter-399n https://forem.com/elys_m/reactively-logout-users-on-token-refresh-failure-from-dio-interceptors-using-rxdart-in-flutter-399n <p>Firebase auth should cover about 90% of a Flutter app's authentication needs, but what if you need to roll your own auth? Then, you'd need to manually handle trading and saving your JWT tokens from the backend to your app's secure storage. </p> <p>Now, your JWT should have an expiration date, that means you need to refresh your tokens periodically using the refresh token sent by your backend. All seems good until your user logs in to your app after 60 days, by then your access and refresh tokens should expire, and now you are getting 401 errors in your app. </p> <p>Your Dio refresh token interceptor should try to get new tokens using the saved refresh token, but if your refresh token is expired, that won't work. If the user is conscious enough, they would try to logout and login again to get new tokens, but wouldn't it be nicer if in cases of refreshing token failures, our app automatically logs the user out?</p> <p>This might be a rare occurrence, but it was a requirement I had to deal with for a recent project I was working on, <a href="https://app.kawal.io/" rel="noopener noreferrer">Kawal</a>. In this article, I'll explain how I handled refreshing JWT token failures by reactively logging out the user using RxDart. I'll also provide a Flutter app project to explain how the core system works.</p> <h2> Kawal Case Study </h2> <p>The app handles custom JWT authentication using a straightforward flow:</p> <ol> <li>User logs in</li> <li>Backend responds with an access and refresh token</li> <li>Store both of these using flutter secure storage</li> <li>On app startup, read from the secure storage</li> <li>If both tokens exist, then the user is authenticated</li> </ol> <p>Since I’m binding the existence of those tokens to the users authenticated status, logging out could simply be clearing that token and redirecting the user to the login page. Before we move on, this is how the app's auth system is architected:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F77kxxyot8x1zvppicd9f.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F77kxxyot8x1zvppicd9f.png" alt="diagram" width="800" height="129"></a></p> <p>The <code>RefreshTokenInterceptor</code> handles refreshing access token by checking if any request responds with a 401 status from the backend. If it does, the interceptor will hit a refresh token endpoint to get and store the new tokens. But, there are situations where refreshing token could fail, for example when the server is down or the refresh token expires. My team agreed that if this happens, we would log the user out.</p> <p>Now I could have this setup to handle that logout:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcl2tujyo1pau4586ts4n.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcl2tujyo1pau4586ts4n.png" alt="diagram" width="800" height="88"></a></p> <p>Since the existence of auth token is what sets the authentication status, clearing it should suffice. But, our app also have other logic to do during logout:</p> <ol> <li>Clearing shared preferences</li> <li>Calling Google Analytics These methods are handled by the <code>AuthRepository.logout</code> method, so the architecture really looks like this: <img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw8giohr076u28awlf819.png" alt="diagram" width="800" height="234"> </li> </ol> <p>Since the <code>AuthRepository.logout</code> method is the source-of-truth for logging out, now logging out just by clearing the secure storage in the refresh token interceptor is not sufficient. So why not just use <code>AuthRepository</code> inside of the <code>RefreshTokenInterceptor</code>? Well…<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5bnq079iyzwh6w1bz5jz.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F5bnq079iyzwh6w1bz5jz.png" alt="diagram" width="800" height="185"></a></p> <p>Now there’s a circular dependency: Dio is used by AuthService, which is used by AuthRepository, which is used by RefreshTokenInterceptor, which is used by Dio, which is used by AuthService… not good.</p> <p>One option is to just copy-paste the logout method in <code>AuthRepository</code> to <code>RefreshTokenInterceptor</code>, but I prefer to keep things DRY. So in this article, I’ll show you how you can handle this problem by making use of good ol’ RxDart as a signal for app to logout at any point we want.</p> <h2> Tutorial: Getting user’s profile data using JWT </h2> <p>I've built an example project using <a href="https://fakeapi.platzi.com/en" rel="noopener noreferrer">Platzi Fake Store API | Platzi Fake Store API</a> since it supports JWT auth. You can <a href="https://github.com/ElysMaldov/flutter_reactive_logout_example" rel="noopener noreferrer">clone the repository here</a> to read along the code and I'll explain the core mechanics for the rest of this article.</p> <p>The app has simple features:</p> <ol> <li>Unauthenticated users must login/register</li> <li>Authenticated users are redirected to the home screen where they can see their auth-protected user profile</li> </ol> <p>The Platzi API requires us to provide the JWT to get the user’s profile, so this part will be a good example of how we can handle reactive authentication.</p> <h3> RxDart Basic Concepts </h3> <p>Before we dive in to the tutorial, we need to know a few basic concept of RxDart, mainly <code>BehaviorSubject</code> and <code>PublishSubject</code>. These classes are what we call Observables in reactive programming, basically they are “things” our app can “listen” to and based on what “thing” that happened, our app can run certain logic (listeners). </p> <p>These “things” we listen to are Streams. If you have ever used something like Kafka or Pub/Sub, its basically like how you can publish topics and your subscribers/consumers can react to it by triggering certain callbacks, for example calling a function, API endpoint, etc. With reactive programming, we can send (emit) values over time to the stream and our listeners can receive those values to do whatever they want.</p> <p>The main difference between BehaviorSubject and PublishSubject is BehaviorSubjects stores the last emitted value to the stream (stateful) while PublishSubjects don’t (ephemeral). So if a new listener comes in, they will instantly receive the last value; unlike PublishSubject that doesn’t store the last emitted value, so new listeners won’t know what happened last time.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3zk51yufpyr24nnlm7gn.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3zk51yufpyr24nnlm7gn.jpg" alt="Behavior subject" width="641" height="821"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftu45f3orybpc4btretxt.jpg" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftu45f3orybpc4btretxt.jpg" alt="Publish subject" width="364" height="811"></a></p> <p>We can use these concepts to solve our reactive logout problem. Imagine if we only cleared the auth token from secure storage, then what? Flutter doesn’t know the user should be redirected to the login screen, we have to do it ourselves. But, redirection is a view layer concern, while our AuthRepository.logout method lives in the AuthRepository which should only concern business logic problems. That means, signaling our app to logout consists of 2 steps:</p> <ol> <li>Clearing the auth token from secure storage (data layer)</li> <li>Redirecting the user to login screen (view layer)</li> </ol> <p>We’ll handle these steps by leveraging reactive programming, we’ll need to setup 2 streams: a stream built with BehaviorSubject to store the user's authentication status and a stream built with PublishSubject to signal our app to logout.</p> <h3> Architecture </h3> <p>This tutorial uses MVVM:<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Felriokozb1tsd4cei1te.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Felriokozb1tsd4cei1te.png" alt="diagram" width="736" height="70"></a></p> <p>Each layer handles different concerns:</p> <ol> <li>Services: directly calls the Platzi API and returns DTOs (Data Transfer Objects)</li> <li>Repositories: utilizes multiple services and streams to build the business logic</li> <li>Cubits: our ViewModel to abstract away our views’ logic by orchestrating multiple repositories and store state</li> <li>Views: screens that will simply present the data from our cubits states</li> </ol> <p>We’ll also spice things up by introducing dependency injection using get_it. This might seem overkill for this simple app, but I find this setup as a good basis when managing my app that has a lot of business logic and screens going around.</p> <h3> Create AppSignal to emit logout signal </h3> <p>We need a signal that is accessible to any layer of our app without causing a circular dependency. We can fix this easily by creating a dependency called <code>AppSignal</code> that stores any global signals our app can emit/listen to.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="c1">// lib/data/core/app_signals.dart</span> <span class="kn">import</span> <span class="s">'package:logging/logging.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:rxdart/rxdart.dart'</span><span class="o">;</span> <span class="kd">class</span> <span class="nc">AppSignals</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">_log</span> <span class="o">=</span> <span class="n">Logger</span><span class="p">(</span><span class="s">'AppSignals'</span><span class="p">);</span> <span class="kd">final</span> <span class="n">_logoutSignalSubject</span> <span class="o">=</span> <span class="n">PublishSubject</span><span class="p">&lt;</span><span class="kt">Null</span><span class="p">&gt;();</span> <span class="n">Stream</span><span class="p">&lt;</span><span class="kt">Null</span><span class="p">&gt;</span> <span class="kd">get</span> <span class="n">logoutSignalStream</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">_logoutSignalSubject</span><span class="o">.</span><span class="na">stream</span><span class="p">;</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">void</span><span class="p">&gt;</span> <span class="n">emitLogoutSignal</span><span class="p">()</span> <span class="kd">async</span> <span class="p">{</span> <span class="n">_log</span><span class="o">.</span><span class="na">info</span><span class="p">(</span><span class="s">'Emitting logout signal'</span><span class="p">);</span> <span class="n">_logoutSignalSubject</span><span class="o">.</span><span class="na">add</span><span class="p">(</span><span class="kc">null</span><span class="p">);</span> <span class="n">_log</span><span class="o">.</span><span class="na">info</span><span class="p">(</span><span class="s">'Logout signal emitted'</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>We expose a <code>logoutSignalStream</code> that will be listened to by our app to trigger <code>AuthRepository.logout</code> method. With the <code>emitLogoutSignal</code>, we can signal our app to logout anytime and anywhere, since this dependency is a core dependency that can be used on any layer of our app that has access to get_it/any other DI framework you implement.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6igesoncn7oc0mobmglg.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6igesoncn7oc0mobmglg.png" alt="diagram" width="800" height="171"></a></p> <h3> Listen to logoutSignalStream in AuthRepository </h3> <p>I placed my logout method in AuthRepository, alongside a BehaviorSubject to store the user's current auth status. The logout method will be responsible to clear the auth token, update the user's auth status stream, and do other things such as sending analytics.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="c1">// lib/data/repositories\auth_repository.dart</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/core/app_error.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/core/app_signals.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/services/auth_service.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/storage/secure_storage.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/domain/enums/auth_status.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/domain/models/auth_token.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/domain/models/login_request.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/domain/models/register_request.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/domain/models/user.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:logging/logging.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:rxdart/rxdart.dart'</span><span class="o">;</span> <span class="kd">abstract</span> <span class="kd">class</span> <span class="nc">AuthRepository</span> <span class="p">{</span> <span class="n">Stream</span><span class="p">&lt;</span><span class="n">AuthStatus</span><span class="p">&gt;</span> <span class="kd">get</span> <span class="n">authStatusStream</span><span class="p">;</span> <span class="n">AuthStatus</span> <span class="kd">get</span> <span class="n">currentAuthStatus</span><span class="p">;</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">void</span><span class="p">&gt;</span> <span class="n">register</span><span class="p">(</span><span class="n">RegisterRequest</span> <span class="n">registerRequest</span><span class="p">);</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">void</span><span class="p">&gt;</span> <span class="n">login</span><span class="p">(</span><span class="n">LoginRequest</span> <span class="n">loginRequest</span><span class="p">);</span> <span class="n">Future</span><span class="p">&lt;</span><span class="n">User</span><span class="p">&gt;</span> <span class="n">getUserProfile</span><span class="p">();</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">void</span><span class="p">&gt;</span> <span class="n">logout</span><span class="p">();</span> <span class="kt">void</span> <span class="n">dispose</span><span class="p">();</span> <span class="p">}</span> <span class="kd">class</span> <span class="nc">AuthRepositoryRemote</span> <span class="kd">extends</span> <span class="n">AuthRepository</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">Logger</span> <span class="n">_log</span> <span class="o">=</span> <span class="n">Logger</span><span class="p">(</span><span class="s">'AuthRepositoryRemote'</span><span class="p">);</span> <span class="kd">final</span> <span class="n">AuthService</span> <span class="n">_authService</span><span class="p">;</span> <span class="kd">final</span> <span class="n">SecureStorage</span> <span class="n">_secureStorage</span><span class="p">;</span> <span class="kd">final</span> <span class="n">AppSignals</span> <span class="n">_appSignals</span><span class="p">;</span> <span class="kd">final</span> <span class="n">BehaviorSubject</span><span class="p">&lt;</span><span class="n">AuthStatus</span><span class="p">&gt;</span> <span class="n">_authStatusSubject</span> <span class="o">=</span> <span class="n">BehaviorSubject</span><span class="p">&lt;</span><span class="n">AuthStatus</span><span class="p">&gt;</span><span class="o">.</span><span class="na">seeded</span><span class="p">(</span><span class="n">AuthStatus</span><span class="o">.</span><span class="na">unknown</span><span class="p">);</span> <span class="nd">@override</span> <span class="n">Stream</span><span class="p">&lt;</span><span class="n">AuthStatus</span><span class="p">&gt;</span> <span class="kd">get</span> <span class="n">authStatusStream</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">_authStatusSubject</span><span class="o">.</span><span class="na">stream</span><span class="p">;</span> <span class="nd">@override</span> <span class="n">AuthStatus</span> <span class="kd">get</span> <span class="n">currentAuthStatus</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">_authStatusSubject</span><span class="o">.</span><span class="na">value</span><span class="p">;</span> <span class="n">AuthRepositoryRemote</span><span class="p">({</span> <span class="kd">required</span> <span class="n">AuthService</span> <span class="n">authService</span><span class="p">,</span> <span class="kd">required</span> <span class="n">SecureStorage</span> <span class="n">secureStorage</span><span class="p">,</span> <span class="kd">required</span> <span class="n">AppSignals</span> <span class="n">appSignals</span><span class="p">,</span> <span class="p">})</span> <span class="o">:</span> <span class="n">_authService</span> <span class="o">=</span> <span class="n">authService</span><span class="p">,</span> <span class="n">_secureStorage</span> <span class="o">=</span> <span class="n">secureStorage</span><span class="p">,</span> <span class="n">_appSignals</span> <span class="o">=</span> <span class="n">appSignals</span> <span class="p">{</span> <span class="c1">// ...</span> <span class="n">_listenToLogoutSignal</span><span class="p">();</span> <span class="p">}</span> <span class="kt">void</span> <span class="n">_listenToLogoutSignal</span><span class="p">()</span> <span class="p">{</span> <span class="n">_appSignals</span><span class="o">.</span><span class="na">logoutSignalStream</span><span class="o">.</span><span class="na">listen</span><span class="p">((</span><span class="n">_</span><span class="p">)</span> <span class="kd">async</span> <span class="p">{</span> <span class="n">_log</span><span class="o">.</span><span class="na">info</span><span class="p">(</span><span class="s">'Logout signal received, performing logout'</span><span class="p">);</span> <span class="k">await</span> <span class="n">logout</span><span class="p">();</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// ...</span> <span class="nd">@override</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">void</span><span class="p">&gt;</span> <span class="n">logout</span><span class="p">()</span> <span class="kd">async</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="n">_log</span><span class="o">.</span><span class="na">info</span><span class="p">(</span><span class="s">'Logging out user'</span><span class="p">);</span> <span class="k">await</span> <span class="n">_secureStorage</span><span class="o">.</span><span class="na">clearAuthToken</span><span class="p">();</span> <span class="c1">// TODO do other things (send analytics, clear shared preferences, etc.)</span> <span class="n">_authStatusSubject</span><span class="o">.</span><span class="na">add</span><span class="p">(</span><span class="n">AuthStatus</span><span class="o">.</span><span class="na">unauthenticated</span><span class="p">);</span> <span class="n">_log</span><span class="o">.</span><span class="na">info</span><span class="p">(</span><span class="s">'Logout successful'</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="n">e</span><span class="p">,</span> <span class="n">stack</span><span class="p">)</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">appError</span> <span class="o">=</span> <span class="n">_mapToAppError</span><span class="p">(</span><span class="n">e</span><span class="p">);</span> <span class="n">_log</span><span class="o">.</span><span class="na">severe</span><span class="p">(</span><span class="s">'Logout failed'</span><span class="p">,</span> <span class="n">appError</span><span class="p">,</span> <span class="n">stack</span><span class="p">);</span> <span class="n">_authStatusSubject</span><span class="o">.</span><span class="na">add</span><span class="p">(</span><span class="n">AuthStatus</span><span class="o">.</span><span class="na">unauthenticated</span><span class="p">);</span> <span class="k">throw</span> <span class="n">appError</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// ...</span> <span class="p">}</span> </code></pre> </div> <p>During the construction of the class, we depend on the AppSignals and listen to its logoutSignalStream to trigger the logout method. Later, the rest of our app can emit a logout signal and our AuthRepository will handle logging out. This is much cleaner, since if we ever need to modify the logout method, we just have to modify it in this one repository.</p> <h3> Emit logout signal in refresh token interceptor </h3> <p>We'll handle refreshing the user's token using a Dio interceptor.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="c1">// lib/config/dio/interceptors/refresh_token_interceptor.dart</span> <span class="kn">import</span> <span class="s">'package:dio/dio.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/config/api_routes.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/core/app_error.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/core/app_signals.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/storage/secure_storage.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/domain/models/auth_token.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:logging/logging.dart'</span><span class="o">;</span> <span class="c1">/// Uses [QueuedInterceptorsWrapper] so if multiple request fails at once, we refresh</span> <span class="c1">/// the first one before retrying the rest using the new token</span> <span class="kd">class</span> <span class="nc">RefreshTokenInterceptor</span> <span class="kd">extends</span> <span class="n">QueuedInterceptorsWrapper</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">Dio</span> <span class="n">_dio</span><span class="p">;</span> <span class="kd">final</span> <span class="n">SecureStorage</span> <span class="n">_storage</span><span class="p">;</span> <span class="kd">final</span> <span class="n">AppSignals</span> <span class="n">_appSignals</span><span class="p">;</span> <span class="kd">final</span> <span class="n">_log</span> <span class="o">=</span> <span class="n">Logger</span><span class="p">(</span><span class="s">'RefreshTokenInterceptor'</span><span class="p">);</span> <span class="n">RefreshTokenInterceptor</span><span class="p">({</span> <span class="kd">required</span> <span class="n">Dio</span> <span class="n">dio</span><span class="p">,</span> <span class="kd">required</span> <span class="n">SecureStorage</span> <span class="n">storage</span><span class="p">,</span> <span class="kd">required</span> <span class="n">AppSignals</span> <span class="n">appSignals</span><span class="p">,</span> <span class="p">})</span> <span class="o">:</span> <span class="n">_dio</span> <span class="o">=</span> <span class="n">dio</span><span class="p">,</span> <span class="n">_storage</span> <span class="o">=</span> <span class="n">storage</span><span class="p">,</span> <span class="n">_appSignals</span> <span class="o">=</span> <span class="n">appSignals</span><span class="p">;</span> <span class="c1">// ...</span> <span class="nd">@override</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">void</span><span class="p">&gt;</span> <span class="n">onError</span><span class="p">(</span> <span class="n">DioException</span> <span class="n">err</span><span class="p">,</span> <span class="n">ErrorInterceptorHandler</span> <span class="n">handler</span><span class="p">,</span> <span class="p">)</span> <span class="kd">async</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">isUnauthorized</span> <span class="o">=</span> <span class="n">err</span><span class="o">.</span><span class="na">response</span><span class="o">?.</span><span class="na">statusCode</span> <span class="o">==</span> <span class="mi">401</span><span class="p">;</span> <span class="c1">// Avoid infinite loop if the refresh-token endpoint itself fails</span> <span class="kd">final</span> <span class="n">isRefreshRequest</span> <span class="o">=</span> <span class="n">err</span><span class="o">.</span><span class="na">requestOptions</span><span class="o">.</span><span class="na">path</span><span class="o">.</span><span class="na">contains</span><span class="p">(</span> <span class="n">ApiRoutes</span><span class="o">.</span><span class="na">refreshToken</span><span class="p">,</span> <span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">isUnauthorized</span> <span class="o">&amp;&amp;</span> <span class="o">!</span><span class="n">isRefreshRequest</span><span class="p">)</span> <span class="p">{</span> <span class="n">_log</span><span class="o">.</span><span class="na">warning</span><span class="p">(</span><span class="s">'Token expired! Refreshing token...'</span><span class="p">);</span> <span class="c1">// ... handle refreshing logic</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="n">e</span><span class="p">)</span> <span class="p">{</span> <span class="n">_log</span><span class="o">.</span><span class="na">severe</span><span class="p">(</span><span class="s">'Refresh token failed. Logging user out'</span><span class="p">,</span> <span class="n">e</span><span class="p">);</span> <span class="kd">final</span> <span class="n">appError</span> <span class="o">=</span> <span class="n">AppError</span><span class="o">.</span><span class="na">from</span><span class="p">(</span><span class="n">e</span><span class="p">);</span> <span class="c1">// Important piece to signal logout for our app</span> <span class="n">_appSignals</span><span class="o">.</span><span class="na">emitLogoutSignal</span><span class="p">();</span> <span class="k">return</span> <span class="n">handler</span><span class="o">.</span><span class="na">next</span><span class="p">(</span> <span class="n">DioException</span><span class="p">(</span><span class="nl">requestOptions:</span> <span class="n">err</span><span class="o">.</span><span class="na">requestOptions</span><span class="p">,</span> <span class="nl">error:</span> <span class="n">appError</span><span class="p">),</span> <span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="n">handler</span><span class="o">.</span><span class="na">next</span><span class="p">(</span><span class="n">err</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Notice how it wraps the refreshing logic in a try/catch, and the catch block calls <code>_appSignals.emitLogoutSignal()</code>. Whenever the refresh token logic fails, we can assume the user should logout to get new tokens. By calling that method, we'll trigger the listener in <code>AppRepository</code> earlier that calls the logout method. Side note, this interceptor only runs if your request encounters an error, specifically a 401 error. My team agreed that encountering a 401 status means the user should try to refresh their tokens, but your requirement may vary.</p> <h3> Reactively navigate using GoRouter's refreshListenable </h3> <p>So far we've only managed the auth status in the data layer, but haven't really tied it with the app's actual navigation to the login screen. We can use GoRouter's refreshListenable to listen to a Listenable and trigger navigation whenever that Listenable changes.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="c1">// lib/routing/router.dart</span> <span class="kn">import</span> <span class="s">'package:flutter/material.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_bloc/flutter_bloc.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/domain/enums/auth_status.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:go_router/go_router.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/config/dependencies.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/data/repositories/auth_repository.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/ui/home/cubit/home_cubit.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/ui/home/widgets/home_screen.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/ui/login/cubit/login_cubit.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/ui/login/widgets/login_screen.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/ui/register/cubit/register_cubit.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/ui/register/widgets/register_screen.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/ui/splash/splash_screen.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'routes.dart'</span><span class="o">;</span> <span class="c1">/// AppRouter class that configures go_router with authentication guard and reactive navigation</span> <span class="kd">class</span> <span class="nc">AppRouter</span> <span class="kd">extends</span> <span class="n">ChangeNotifier</span> <span class="p">{</span> <span class="n">AppRouter</span><span class="p">()</span> <span class="p">{</span> <span class="n">_setupAuthListener</span><span class="p">();</span> <span class="p">}</span> <span class="kd">final</span> <span class="n">AuthRepository</span> <span class="n">_authRepository</span> <span class="o">=</span> <span class="n">DependencyManager</span><span class="o">.</span><span class="na">get</span><span class="p">&lt;</span><span class="n">AuthRepository</span><span class="p">&gt;();</span> <span class="c1">/// Listen to any stream from any repositories to reactively update the user's navigation</span> <span class="kt">void</span> <span class="n">_setupAuthListener</span><span class="p">()</span> <span class="p">{</span> <span class="n">_authRepository</span><span class="o">.</span><span class="na">authStatusStream</span><span class="o">.</span><span class="na">listen</span><span class="p">((</span><span class="n">_</span><span class="p">)</span> <span class="p">{</span> <span class="n">notifyListeners</span><span class="p">();</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">/// Creates the GoRouter instance with auth guard and route configuration</span> <span class="n">GoRouter</span> <span class="kd">get</span> <span class="n">router</span> <span class="p">{</span> <span class="k">return</span> <span class="n">GoRouter</span><span class="p">(</span> <span class="nl">initialLocation:</span> <span class="n">Routes</span><span class="o">.</span><span class="na">splashScreen</span><span class="p">,</span> <span class="nl">redirect:</span> <span class="n">_handleRedirect</span><span class="p">,</span> <span class="nl">routes:</span> <span class="n">_routes</span><span class="p">,</span> <span class="nl">refreshListenable:</span> <span class="k">this</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="c1">/// Auth guard redirect logic</span> <span class="c1">/// Listens to authStatusStream and redirects based on authentication state</span> <span class="n">Future</span><span class="p">&lt;</span><span class="kt">String</span><span class="o">?</span><span class="p">&gt;</span> <span class="n">_handleRedirect</span><span class="p">(</span> <span class="n">BuildContext</span> <span class="n">context</span><span class="p">,</span> <span class="n">GoRouterState</span> <span class="n">state</span><span class="p">,</span> <span class="p">)</span> <span class="kd">async</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">authRepository</span> <span class="o">=</span> <span class="n">DependencyManager</span><span class="o">.</span><span class="na">get</span><span class="p">&lt;</span><span class="n">AuthRepository</span><span class="p">&gt;();</span> <span class="kd">final</span> <span class="n">authStatus</span> <span class="o">=</span> <span class="n">authRepository</span><span class="o">.</span><span class="na">currentAuthStatus</span><span class="p">;</span> <span class="kd">final</span> <span class="n">location</span> <span class="o">=</span> <span class="n">state</span><span class="o">.</span><span class="na">uri</span><span class="o">.</span><span class="na">toString</span><span class="p">();</span> <span class="c1">// Define public routes that don't require authentication</span> <span class="kd">final</span> <span class="n">isPublicRoute</span> <span class="o">=</span> <span class="n">location</span> <span class="o">==</span> <span class="n">Routes</span><span class="o">.</span><span class="na">login</span> <span class="o">||</span> <span class="n">location</span> <span class="o">==</span> <span class="n">Routes</span><span class="o">.</span><span class="na">register</span><span class="p">;</span> <span class="c1">// Handle redirect based on auth status</span> <span class="k">switch</span> <span class="p">(</span><span class="n">authStatus</span><span class="p">)</span> <span class="p">{</span> <span class="k">case</span> <span class="n">AuthStatus</span><span class="o">.</span><span class="na">authenticated</span><span class="o">:</span> <span class="k">if</span> <span class="p">(</span><span class="n">location</span> <span class="o">==</span> <span class="n">Routes</span><span class="o">.</span><span class="na">splashScreen</span> <span class="o">||</span> <span class="n">isPublicRoute</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="n">Routes</span><span class="o">.</span><span class="na">home</span><span class="p">;</span> <span class="p">}</span> <span class="k">break</span><span class="p">;</span> <span class="k">case</span> <span class="n">AuthStatus</span><span class="o">.</span><span class="na">unauthenticated</span><span class="o">:</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">isPublicRoute</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="n">Routes</span><span class="o">.</span><span class="na">login</span><span class="p">;</span> <span class="p">}</span> <span class="k">break</span><span class="p">;</span> <span class="k">case</span> <span class="n">AuthStatus</span><span class="o">.</span><span class="na">unknown</span><span class="o">:</span> <span class="k">break</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="kc">null</span><span class="p">;</span> <span class="p">}</span> <span class="c1">/// Route definitions</span> <span class="kt">List</span><span class="p">&lt;</span><span class="n">GoRoute</span><span class="p">&gt;</span> <span class="kd">get</span> <span class="n">_routes</span> <span class="o">=</span><span class="p">&gt;</span> <span class="p">[</span> <span class="n">GoRoute</span><span class="p">(</span> <span class="nl">path:</span> <span class="n">Routes</span><span class="o">.</span><span class="na">splashScreen</span><span class="p">,</span> <span class="nl">name:</span> <span class="s">'splash'</span><span class="p">,</span> <span class="nl">builder:</span> <span class="p">(</span><span class="n">context</span><span class="p">,</span> <span class="n">state</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="kd">const</span> <span class="n">SplashScreen</span><span class="p">(),</span> <span class="p">),</span> <span class="n">GoRoute</span><span class="p">(</span> <span class="nl">path:</span> <span class="n">Routes</span><span class="o">.</span><span class="na">login</span><span class="p">,</span> <span class="nl">name:</span> <span class="s">'login'</span><span class="p">,</span> <span class="nl">builder:</span> <span class="p">(</span><span class="n">context</span><span class="p">,</span> <span class="n">state</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">BlocProvider</span><span class="p">(</span> <span class="nl">create:</span> <span class="p">(</span><span class="n">context</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">LoginCubit</span><span class="p">(</span><span class="nl">authRepository:</span> <span class="n">DependencyManager</span><span class="o">.</span><span class="na">get</span><span class="p">&lt;</span><span class="n">AuthRepository</span><span class="p">&gt;()),</span> <span class="nl">child:</span> <span class="kd">const</span> <span class="n">LoginScreen</span><span class="p">(),</span> <span class="p">),</span> <span class="p">),</span> <span class="n">GoRoute</span><span class="p">(</span> <span class="nl">path:</span> <span class="n">Routes</span><span class="o">.</span><span class="na">register</span><span class="p">,</span> <span class="nl">name:</span> <span class="s">'register'</span><span class="p">,</span> <span class="nl">builder:</span> <span class="p">(</span><span class="n">context</span><span class="p">,</span> <span class="n">state</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">BlocProvider</span><span class="p">(</span> <span class="nl">create:</span> <span class="p">(</span><span class="n">context</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">RegisterCubit</span><span class="p">(</span> <span class="nl">authRepository:</span> <span class="n">DependencyManager</span><span class="o">.</span><span class="na">get</span><span class="p">&lt;</span><span class="n">AuthRepository</span><span class="p">&gt;(),</span> <span class="p">),</span> <span class="nl">child:</span> <span class="kd">const</span> <span class="n">RegisterScreen</span><span class="p">(),</span> <span class="p">),</span> <span class="p">),</span> <span class="n">GoRoute</span><span class="p">(</span> <span class="nl">path:</span> <span class="n">Routes</span><span class="o">.</span><span class="na">home</span><span class="p">,</span> <span class="nl">name:</span> <span class="s">'home'</span><span class="p">,</span> <span class="nl">builder:</span> <span class="p">(</span><span class="n">context</span><span class="p">,</span> <span class="n">state</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">BlocProvider</span><span class="p">(</span> <span class="nl">create:</span> <span class="p">(</span><span class="n">context</span><span class="p">)</span> <span class="o">=</span><span class="p">&gt;</span> <span class="n">HomeCubit</span><span class="p">(</span><span class="nl">authRepository:</span> <span class="n">DependencyManager</span><span class="o">.</span><span class="na">get</span><span class="p">&lt;</span><span class="n">AuthRepository</span><span class="p">&gt;()),</span> <span class="nl">child:</span> <span class="kd">const</span> <span class="n">HomeScreen</span><span class="p">(),</span> <span class="p">),</span> <span class="p">),</span> <span class="p">];</span> <span class="p">}</span> </code></pre> </div> <p>The way I did it is by wrapping the router in a class that extends ChangeNotifier. This effectively turns <code>this</code> into a Listenable that the router listens to. This allows us to listen to multiple streams and notify the Listenable (such as the <code>_setupAuthListener</code> method), that will then, trigger the redirect method of the router. The <code>_handleRedirect</code> method will be triggered whenever we notify something through a stream listener or any other method inside of the class.<br> We can then wrap the router around the main app:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight dart"><code><span class="c1">// lib/main.dart</span> <span class="kn">import</span> <span class="s">'package:flutter/material.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/config/dependencies.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:flutter_reactive_logout_example/routing/router.dart'</span><span class="o">;</span> <span class="kn">import</span> <span class="s">'package:logging/logging.dart'</span><span class="o">;</span> <span class="kt">void</span> <span class="nf">main</span><span class="p">()</span> <span class="kd">async</span> <span class="p">{</span> <span class="n">WidgetsFlutterBinding</span><span class="o">.</span><span class="na">ensureInitialized</span><span class="p">();</span> <span class="n">Logger</span><span class="o">.</span><span class="na">root</span><span class="o">.</span><span class="na">level</span> <span class="o">=</span> <span class="n">Level</span><span class="o">.</span><span class="na">ALL</span><span class="p">;</span> <span class="n">Logger</span><span class="o">.</span><span class="na">root</span><span class="o">.</span><span class="na">onRecord</span><span class="o">.</span><span class="na">listen</span><span class="p">((</span><span class="n">record</span><span class="p">)</span> <span class="p">{</span> <span class="n">debugPrint</span><span class="p">(</span><span class="s">'</span><span class="si">${record.level.name}</span><span class="s">: </span><span class="si">${record.time}</span><span class="s">: </span><span class="si">${record.message}</span><span class="s">'</span><span class="p">);</span> <span class="p">});</span> <span class="k">await</span> <span class="n">DependencyManager</span><span class="o">.</span><span class="na">setup</span><span class="p">();</span> <span class="n">runApp</span><span class="p">(</span><span class="kd">const</span> <span class="n">MainApp</span><span class="p">());</span> <span class="p">}</span> <span class="kd">class</span> <span class="nc">MainApp</span> <span class="kd">extends</span> <span class="n">StatelessWidget</span> <span class="p">{</span> <span class="kd">const</span> <span class="n">MainApp</span><span class="p">({</span><span class="k">super</span><span class="o">.</span><span class="na">key</span><span class="p">});</span> <span class="nd">@override</span> <span class="n">Widget</span> <span class="n">build</span><span class="p">(</span><span class="n">BuildContext</span> <span class="n">context</span><span class="p">)</span> <span class="p">{</span> <span class="kd">final</span> <span class="n">appRouter</span> <span class="o">=</span> <span class="n">AppRouter</span><span class="p">();</span> <span class="k">return</span> <span class="n">MaterialApp</span><span class="o">.</span><span class="na">router</span><span class="p">(</span> <span class="nl">routerConfig:</span> <span class="n">appRouter</span><span class="o">.</span><span class="na">router</span><span class="p">,</span> <span class="nl">title:</span> <span class="s">'Flutter Reactive Logout Example'</span><span class="p">,</span> <span class="nl">debugShowCheckedModeBanner:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Now, we have finished tying together our logout signal to our app's navigation:</p> <ol> <li>Refresh token fails, emit logout signal in <code>RefreshTokenInterceptor</code> </li> <li> <code>AuthRepository</code> listen to logout signal to call <code>logout</code>, which will update our <code>authStatusStream</code> into unauthenticated</li> <li> <code>AppRouter.router</code> listens to the auth status change, and redirect user to the login page since they are now unauthenticated</li> </ol> <h2> That's it! </h2> <p>By leveraging RxDart, we can store the user's auth status and signal our app to logout by exposing streams. Our app signals can be listened to by any layer of our app since its a core dependency. We utilize this by emitting logout signal when token refresh fails, which will reactively update our auth status and redirec the user to the login screen.<br> You should run <a href="https://github.com/ElysMaldov/flutter_reactive_logout_example" rel="noopener noreferrer">the demo app</a> to see how the interceptor and stream works. There is a demo logout button in <code>home_screen.dart</code> that will always trigger the <code>RefreshTokenInterceptor</code> catch block.</p> <p>Have you ever encountered a similar situation where you need to logout the user when the token refresh fails? I'd love to hear your experiences in the comments!</p> flutter mobile rxdart authentication [DEVLOG] Payload CMS Booster: Day 1 - 2 Elys Maldov Tue, 13 Jan 2026 16:19:45 +0000 https://forem.com/elys_m/devlog-payload-cms-booster-day-1-2-2oed https://forem.com/elys_m/devlog-payload-cms-booster-day-1-2-2oed <p>I've been using Payload CMS a lot, and I believe it's becoming a pretty hot emerging tech in the Next.js space. As someone who's used to building APIs in Express and developing admin dashboards in React from scratch, it gets pretty tedious when basic APIs and logic (like CRUD-ing a table or handling login screens) get repeated over and over.</p> <p>Sure, I've used Prisma, Drizzle, tRPC, admin dashboard templates, and the good ol' CTRL+C CTRL+V, but still having to separately handle the backend and frontend for a feature felt like it could be easier. So you should see my face when I first tried out Payload CMS with its config-based approach of building the frontend, backend, and even the data layer of an app. It's so much quicker to declare a Payload collection, which is then generated as a frontend in the admin dashboard, backend APIs, and Drizzle schemas with TypeScript interfaces for me to use instantly. This process would've taken me hours or even days if I were to use my good ol' MERN stack, but with Payload its just instant!</p> <p>I have no qualms with Payload's DX (though the documentation for advanced use-cases does leave much to be desired), but I'm starting to feel friction when working on a large Payload project with about 20+ collections. My biggest Payload project, <a href="https://akasiaedu.com/en" rel="noopener noreferrer">Akasia Education</a>, has about 30+ collections with some of them having complex relationships/join fields to multiple other collections. Having an ERD does help, but it's hard for me to actually visualize how it's implemented in Payload CMS. I would have to read each payload collection individually, see their relationship/join field, and imagine it in my head if it fits with my ERD or not. I even encountered errors that were hard to debug due to my collections having multiple relationships with other collections, where those collections have relationships with other collections, and so forth.</p> <p>Usually, finding where a piece of variable/function/class is used on a project is easy in an IDE with features like go-to definitions or find all references. But finding where a Payload collection is referenced by other collections is more difficult since relationship/join fields use another collection's slug, which are just strings that cannot be used for go-to definitions/find all references in IDEs. So, being inspired by <a href="https://www.codecanvas.app/" rel="noopener noreferrer">Code Canvas</a> extension and always wanting to make a VSCode extension on my own, is it possible to build a Payload CMS collection visualizer where I can simply see how each collection relates to one another?</p> <h1> The idea </h1> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fik9sn98k1o95jmmfixwx.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fik9sn98k1o95jmmfixwx.png" alt=" " width="800" height="564"></a></p> <p>It's super simple: get all Payload collection in a project, analyze their relationship, and visualize them in a canvas like above. Having something like this would really help me visualize my big Payload project without having to take out a pen-and-pencil or always compare it againts my ERD.</p> <h1> Making sure it's possible </h1> <p>With nothing else to do in my free time, I just started building this extension idea. The main idea is that my extension can be activated on a Payload CMS project, and it will traverse the collections to build a visualizer to show how each collection relates to the others. Basically, I want to make something like Code Canvas, but for Payload collections.</p> <p>Obivously the first thing I need to ensure is if it's even possible. Well, if Code Canvas is possible, then of course this idea should also be. Specifically, I need to make sure how I would implement this and what stack I need.</p> <p>Reading VSCode extension development docs, it is possible by making a <a href="https://code.visualstudio.com/api/extension-guides/webview" rel="noopener noreferrer">webview-based extension</a>. Frankly, there's not much <em>structured</em> resource on how to build a webview VSCode extension, but after some digging, I found 2 good repositories to serve as a boilerplate: <a href="https://github.com/microsoft/vscode-webview-ui-toolkit-samples/tree/main/frameworks/hello-world-react-vite" rel="noopener noreferrer">Microsoft's official example</a> and <a href="https://github.com/QiyuanChen02/react-webview" rel="noopener noreferrer">QiyuanChen02 repo</a>.</p> <p>Ultimately, I chose QiyuanChen02's repo since its newer, but these 2 repo provides a boilerplate for VSCode webview extension using React + Vite and hot-reload. The gist of the development flow is I just build a normal React app whose built code will be rendered as a webview in VSCode, and I can pass messages between VSCode and my webview using <a href="https://code.visualstudio.com/api/extension-guides/webview#scripts-and-message-passing" rel="noopener noreferrer">message passing</a>. Next is how to render the visualizer. I chose <a href="https://reactflow.dev/" rel="noopener noreferrer">React Flow</a> since it's super popular for this.</p> <p>Now that the basic prerequisite is possible for me to build the extension, it's time to actually build the extension and not abandon it as another side project.</p> <h1> Actually building the extension </h1> <p>I forked QiyuanChen02's repo to quickly bootstrap my extension project here: <a href="https://github.com/ElysMaldov/payload-cms-booster" rel="noopener noreferrer">https://github.com/ElysMaldov/payload-cms-booster</a>. I called it Payload CMS Booster because I have a few other ideas for this extension to boost working with Payload in VSCode. It just works by running the debug mode (F5), it will open up another VSCode window with my custom command to show the React app in a webview. I added a new launch JSON that starts the debug VSCode window in a clean slate by disabling all other extensions except the one I'm developing and also opening an existing Payload project to test it later; I placed this new debug config in the <code>launch.json</code>.</p> <p>For the folder structure, it's quite straightforward. I have a "root" project with the main entrypoint being the <code>src/extension.ts</code>. This is where I register my webview to the extension. The webview takes in the <code>dist</code> folder of the React webview subproject in the <code>webview</code> folder. I have 2 projects, each having its own dependencies. For now, this works, but I could potentially turn it into a monorepo like how <a href="https://github.com/Kilo-Org/kilocode" rel="noopener noreferrer">Kilo Code</a> does it.</p> <p>To run the project, I need to run the dev server in the <code>webview</code> project and start a debugger to open up another VSCode window. In that new window, I can access the command to bring up the webview (currently the command is "Payload CMS Booster: Visualize" specified in the root package.json or VSCode calls it extension manifest). Then I can just work on the webview project like a regular React + Vite project with HMR working.</p> <p>The latest progress I made with this repo is setting up an example React Flow component. I haven't really thought much about how to architect this project but I'll try applying parts of MVVM since I've been working on a lot of Flutter these days; mainly I need to separate between the data and UI layer, and use domain models a lot so I don't have to worry much about how to pass my actual payload collection data from VSCode since I can just assume that's a DTO I need to map to my domain model. </p> <p>So my next step is how can I traverse all of the Payload collection in a project, analyze their relationships with each other, and structure it for my webview and finally render it in React Flow? The idea I have so far is to read the payload.config.ts, iterate through each collection to collect their slug, and build their relationship based on the existence of either a relationship/join field in that collection. This seems okay so far since a relationship/join field refers to another collection using their unique slug, so I could use this as an id for each collection. I thought about using the generated payload-types.ts file, but it seems wayyyy more complicated than a regular Payload collection file.</p> <p>I'll update again soon 😸.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6a722o4gjacxzyxpa9sy.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F6a722o4gjacxzyxpa9sy.png" alt=" " width="800" height="480"></a></p> programming vscode payloadcms extensions