amosproj / amos2021ss07-bike-nest


JWT Decoder: check if token is expired #134

Open SaitaoGit opened 3 years ago

SaitaoGit commented 3 years ago

Loading Screen "JWT set AND valid?"

rmandlx commented 3 years ago

Right now the JWT is only valid for 1 hour. This means that if someone is logged in for 1 hour, all of the calls to the backend won't work anymore. We could use something like a refresh token, which I've heard about. That token can be sent to the backend to refresh the actual JWT. For this we need to detect when the JWT is running out and somewhat automatically refresh it, without the user having to do anything.

rmandlx commented 3 years ago

@grunerlisa I am pretty sure that the error you had earlier today comes from this issue here. The JWTs are in fact only valid for one hour. This means that if you have a JWT stored in that global storage, it is possible that this JWT is expired. Therefore the backend will return the 401 (Unauthorized) status code. We will have to decode the JWT and check when it expires, and throw it away if it has already expired.
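The expiry check and the "running out" detection discussed in the comments above, as an added example that is not part of the thread or the project's code. The names `jwtState`, `refreshWindowSec` and `makeSampleToken` are hypothetical, the use of Node's `Buffer` is an assumption about the runtime, and the signature is not verified here, so the backend's 401 remains the authoritative answer.

```javascript
// Decode one base64url segment of a JWT to a UTF-8 string.
function base64UrlDecode(segment) {
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return Buffer.from(padded, "base64").toString("utf8");
}

// Return the payload object, or null when the token is malformed.
// This only reads the claims; it does NOT verify the signature.
function decodeJwtPayload(token) {
  if (typeof token !== "string") return null;
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  try {
    const payload = JSON.parse(base64UrlDecode(parts[1]));
    return payload !== null && typeof payload === "object" ? payload : null;
  } catch (e) {
    return null; // not valid JSON: treat as unusable
  }
}

// Classify a stored token:
//   "expired" - throw it away and send the user to login
//   "refresh" - still usable, but inside the refresh window
//   "valid"   - usable as is
// Malformed tokens and tokens without a numeric exp count as expired.
function jwtState(token, nowMs = Date.now(), refreshWindowSec = 300) {
  const payload = decodeJwtPayload(token);
  if (!payload || typeof payload.exp !== "number") return "expired";
  const remainingSec = payload.exp - Math.floor(nowMs / 1000); // exp is in seconds
  if (remainingSec <= 0) return "expired";
  return remainingSec <= refreshWindowSec ? "refresh" : "valid";
}

// Constructed sample token for the demonstration; the signature is a dummy.
function makeSampleToken(claims) {
  const enc = (obj) =>
    Buffer.from(JSON.stringify(obj)).toString("base64")
      .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc(claims)}.constructed-signature`;
}

const demoNowMs = 1700000000000; // constructed clock value
const demoToken = makeSampleToken({ sub: "demo-user", exp: 1700000000 + 3600 });
console.log(jwtState(demoToken, demoNowMs)); // token issued for one hour
```
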