Auto Sign-Out on expired session

[martin-braun]

When hosting the server locally, the token will invalidate, if the server is disabled for a while, thus the SoftPlayer client will receive Abort.400: could not decrypt refresh token. The SoftPlayer should then auto sign-out, so that I can re-authenticate with a few clicks and don't have to go into the options to sign out first.

[Peter-Schorn]

When hosting the server locally, the token will invalidate, if the server is disabled for a while, thus the SoftPlayer client will receive Abort.400: could not decrypt refresh token.

How you host the server should not affect when the access token becomes invalid. It expires after an hour, or if a new access token is retrieved. The refresh token will only become invalid if a new one is retrieved. Even if the refresh token becomes invalid, you should still be able to decrypt it. If you change the secret key for SpotifyAPISever, then you will be unable to decrypt the refresh token.

Also, the server is completely stateless. Disabling it for any period of time should not cause the access or refresh token to become invalid.

As long as you don't change the secret key, the access token can always be refreshed indefinitely in the background. There's never a need to re-authenticate an "expired" session.

[martin-braun]

You are right, this happened when I changed the secret key, and I falsely assumed my session was lost due to time constraints. Thank you so much, it works like charm! :)