I am writing an SPA application and it is my understanding that the refresh token functionality should not redirect and should instead return new cookies with a 200 response or an error.
Why is this needed:
SPA applications usually would like to handle refreshing tokens without redirection and, in case of failure display a message before redirecting.
What would you like to be added:
I am writing an SPA application and it is my understanding that the refresh token functionality should not redirect and should instead return new cookies with a 200 response or an error.
Why is this needed:
SPA applications usually would like to handle refreshing tokens without redirection and, in case of failure display a message before redirecting.
Does this make sense, I am willing to contribute.
Thanks!