Skip to content
This repository has been archived by the owner on Apr 27, 2023. It is now read-only.

Refresh tokens and keeping tokens alive #14

Open
jomargon opened this issue Nov 20, 2016 · 11 comments
Open

Refresh tokens and keeping tokens alive #14

jomargon opened this issue Nov 20, 2016 · 11 comments

Comments

@jomargon
Copy link

What is the best way to implement refresh tokens using this approach? Thanks in advance.

@MihaMarkic
Copy link

I added a sample for generating refreshed tokens in #16

@anhlee24
Copy link

i am new in token. can i ask a question? when will i send a request to RefreshPath?

@MihaMarkic
Copy link

@anhlee24 That's up to you. You can calculate it by adding expiration time to current time.

@anhlee24
Copy link

@MihaMarkic you mean that if i set the expiration time by 30m. So i will setup the Client (SPA) to send a request to RefreshPath to keep it alive after 30m?

@MihaMarkic
Copy link

@anhlee24 Yes, but more likely slightly before expiration, like after 29m or something :)

@anhlee24
Copy link

Thank you so much!

@anhlee24
Copy link

@MihaMarkic
Hi, I want to handle the acccess_token expiraton at server side, how can i handle it?

The response header contain: "Bearer error="invalid_token", error_description="The token is expired", but i don't know how to handle this error.
Can you give me any suggest? Thank you :)

@MihaMarkic
Copy link

@anhlee24 Could it be that your token has actually expired? You have to request the refresh before it expires.

@anhlee24
Copy link

@MihaMarkic
Yes. But i want to handle the token expiration in Client (SPA) to redirect to Login page or Unauthorized page, etc ...

@MihaMarkic
Copy link

@anhlee24 On client side you should catch Unauthorized response after each request and redirect app to login page somehow. This is really up to the client implementation.

@anhlee24
Copy link

@MihaMarkic Thank you so much :).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants