Skip to content
This repository has been archived by the owner on Feb 24, 2018. It is now read-only.

configure refreshToken expiration #690

Open
dagda1 opened this issue Feb 21, 2018 · 0 comments
Open

configure refreshToken expiration #690

dagda1 opened this issue Feb 21, 2018 · 0 comments

Comments

@dagda1
Copy link

dagda1 commented Feb 21, 2018
edited

In my app, I make a call to getSession if the user refreshes the page or tries to access a client side rout that requires the user to be authenticated.

The problem I am seeing is that the refreshToken never expires.

So I do this:

const currentSession = await authorisationProvider.getSession();

this.setState({ isAuthenticated: currentSession && currentSession.isValid(), busy: false });

But having stepped through the code and if the cachedSession.isValid() call returns false then a call is made to refreshToken which always appears to return new tokens no matter how long I leave it.

Does the refreshToken never expire or can I configure it to expire in an hour or so?

The only way for things to expire is for localStorage.clear() to be called which is obviously not a real solution.
@dagda1 dagda1 changed the title refreshtoken is never expires configure refreshToken expiration Feb 21, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dagda1