-
Notifications
You must be signed in to change notification settings - Fork 255
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question: Ambiguous token manager refresh behaviour #123
Comments
Hello? |
Okay, I've done some digging into their code. It seems they set a timeout that is dead on the expire time then calls an async network request to refresh the token. There are problems that i can see with this:
Ideally the token manager would try to refresh a couple of minutes BEFORE expiry and make refresh retry attempts if the first one fails. See related issue. Based on this we might just ditch their token manager and role our own. Im reluctant to put in a PR since they are MIA on here. I still have one unknown and that is whats the deal with the session refresh. Its not clear if we need to be doing session refreshes alongside token refreshes? |
Hi @jennasalau , sorry for not answering your question sooner. We do plan to fix this soon, please see this issue I've created to track the work and review our proposed solution: |
Hi @jennasalau, We're looking into getting this fixed ASAP. Please follow along with #125 for updates. Closing this issue as a duplicate. |
Hi,
Can you please confirm how your token manager refreshes tokens?
I note in the documentation it states the following.
Does this mean you allow it to expire before refreshing? Is there a small gap where a user is using our app with an expired token? Or are we supposed have a timer and manually refresh them before expiry?
Also, does refreshing a token also refresh a users session? I'm a little confused when a session expires because to my understanding we need it in order to refresh tokens.
Thanks,
Jenna
The text was updated successfully, but these errors were encountered: