EOSIO · bradlhart · Feb 26, 2020 · Feb 14, 2020 · Feb 18, 2020 · Feb 18, 2020
diff --git a/__tests__/UALProvider.js b/__tests__/UALProvider.js
@@ -38,9 +38,13 @@ describe('UALProvider', () => {
       expect(spy).toHaveBeenCalled()
     })
 
-    it('that attempts auto-login if authenticator type is in localStorage', async () => {
+    it('that attempts auto-login if authenticator type is in localStorage and not invalidated', async () => {
       localStorage.setItem('UALAccountName', 'Example')
       localStorage.setItem('UALLoggedInAuthType', 'Scatter')
+      const invalidateAt = new Date();
+      invalidateAt.setSeconds(invalidateAt.getSeconds() + 100);
+      window.localStorage.setItem('UALInvalidateAt', invalidateAt)
+
       const spy = jest.spyOn(wrapper.instance(), 'getAuthenticatorInstance')
       wrapper.instance().componentDidMount()
       expect(spy).toHaveBeenCalled()
@@ -51,6 +55,18 @@ describe('UALProvider', () => {
       wrapper.instance().componentDidMount()
       expect(spy).not.toHaveBeenCalled()
     })
+
+    it('that does not attempt to auto-login if localStorage is outdated', async () => {
+      localStorage.setItem('UALAccountName', 'Example')
+      localStorage.setItem('UALLoggedInAuthType', 'Scatter')
+      const invalidateAt = new Date();
+      invalidateAt.setSeconds(invalidateAt.getSeconds() - 1);
+      window.localStorage.setItem('UALInvalidateAt', invalidateAt)
+
+      const spy = jest.spyOn(wrapper.instance(), 'getAuthenticatorInstance')
+      wrapper.instance().componentDidMount()
+      expect(spy).not.toHaveBeenCalled()
+    })
   })
 
   describe('has a fetchAuthenticators method', () => {
@@ -138,15 +154,20 @@ describe('UALProvider', () => {
     it('that clears the localStorage', () => {
       localStorage.setItem('UALAccountName', 'Example')
       localStorage.setItem('UALLoggedInAuthType', 'Scatter')
+      const invalidateAt = new Date();
+      invalidateAt.setSeconds(invalidateAt.getSeconds() - 1);
+      window.localStorage.setItem('UALInvalidateAt', invalidateAt)
       const activeAuthenticator = wrapper.state().availableAuthenticators[0]
       wrapper.setState({
         activeAuthenticator,
       })
       expect(localStorage.hasOwnProperty('UALAccountName')).toBe(true)
       expect(localStorage.hasOwnProperty('UALLoggedInAuthType')).toBe(true)
+      expect(localStorage.hasOwnProperty('UALInvalidateAt')).toBe(true)
       wrapper.state().logout()
       expect(localStorage.hasOwnProperty('UALAccountName')).toBe(false)
       expect(localStorage.hasOwnProperty('UALLoggedInAuthType')).toBe(false)
+      expect(localStorage.hasOwnProperty('UALInvalidateAt')).toBe(false)
     })
   })
 })
diff --git a/package.json b/package.json
@@ -30,7 +30,7 @@
     "react-icons": "3.4.0",
     "react-tooltip": "3.9.2",
     "styled-components": "4.1.3",
-    "universal-authenticator-library": "0.1.4"
+    "universal-authenticator-library": "0.2.0"
   },
   "devDependencies": {
     "@babel/cli": "^7.2.3",

diff --git a/src/components/provider/UALProvider.js b/src/components/provider/UALProvider.js
@@ -170,6 +170,7 @@ export class UALProvider extends Component {
           const accountName = await users[0].getAccountName()
           if (!isAutoLogin) {
             window.localStorage.setItem('UALLoggedInAuthType', authenticator.constructor.name)
+            this.setUALInvalidateAt(authenticator)
           }
           broadcastStatus({
             activeUser: users[users.length - 1],
@@ -213,6 +214,7 @@ export class UALProvider extends Component {
             users,
             message: i18n.t('currentlyLoggedInAs', { accountName: accountInput }),
           })
+          this.setUALInvalidateAt(authenticator)
         } catch (err) {
           broadcastStatus({
             error: err,
@@ -226,8 +228,10 @@ export class UALProvider extends Component {
 
   componentDidMount() {
     const { chains, appName, authenticators, authenticateWithoutAccountInput, submitAccountForLogin } = this.state
-    const type = window.localStorage.getItem('UALLoggedInAuthType')
+    let type = window.localStorage.getItem('UALLoggedInAuthType')
+    const invalidate = window.localStorage.getItem('UALInvalidateAt')
     const accountName = window.localStorage.getItem('UALAccountName')
+    type = this.checkForInvalidatedSession(type, invalidate);
     const ual = new UAL(chains, appName, authenticators)
     try {
       const { availableAuthenticators } = ual.getAuthenticators()
@@ -282,6 +286,34 @@ export class UALProvider extends Component {
     return loggedIn.length ? loggedIn[0] : false
   }
 
+  /**
+   * Checks if the saved browser session has passed the UALInvalidateAt date and clear the cache if true
+   * @method
+   * @param {string} type - UALLoggedInAuthType value
+   * @param {string} invalidate - UALInvalidateAt value in string formatted date
+   * @return {string|undefined} - UALLoggedInAuthType value or undefined if no longer valid
+   */
+  checkForInvalidatedSession = (type, invalidate) => {
+    if (type && invalidate && new Date(invalidate) <= new Date()) {
+      this.clearCache();
+      return undefined;
+    }
+    return type;
+  }
+
+  /**
+   * Sets UALInvalidateAt value to local storage depending on amount of seconds set in authenticator
+   * @method
+   * @param {Authenticator} authenticator - should-invalidate-after authenticator
+   * @return {Void}
+   */
+  setUALInvalidateAt = (authenticator) => {
+    const invalidateSeconds = authenticator.shouldInvalidateAfter();
+    const invalidateAt = new Date();
+    invalidateAt.setSeconds(invalidateAt.getSeconds() + invalidateSeconds);
+    window.localStorage.setItem('UALInvalidateAt', invalidateAt)
+  }
+
   /**
    * Renders available authenticators or starts auto-login process if applicable
    * @method
@@ -315,6 +347,7 @@ export class UALProvider extends Component {
   clearCache = () => {
     window.localStorage.removeItem('UALLoggedInAuthType')
     window.localStorage.removeItem('UALAccountName')
+    window.localStorage.removeItem('UALInvalidateAt')
   }
 
   /**

diff --git a/yarn.lock b/yarn.lock
@@ -5827,10 +5827,10 @@ union-value@^1.0.0:
     is-extendable "^0.1.1"
     set-value "^2.0.1"
 
-universal-authenticator-library@0.1.4:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/universal-authenticator-library/-/universal-authenticator-library-0.1.4.tgz#e3f31d743780077184475089a8a9b57300316161"
-  integrity sha512-1nU8W7yAc+ZQ+MlJA1gGKnGylSNyyaA2wC4Zy1RqtJo+asDYcNTc4gAySYp19TYhfdF0WwQXeve7SVuodbMHJA==
+universal-authenticator-library@0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/universal-authenticator-library/-/universal-authenticator-library-0.2.0.tgz#6b609e5a3d6c8c2ad209ccc9f06f4bb6be4bc807"
+  integrity sha512-uukf31lXIB/nRaiO/Z1Aag48ZLWtiX3kd05XIz6QWwjuQbprLOzgesGgMeVxQNTCgTDHGxwtE/mzkZ+5R1x8qw==
 
 unset-value@^1.0.0:
   version "1.0.0"