When the retro auth token expires (either due to passing exp time or due to the keys cycling), the client should detect the failure (e.g. by detecting websocket 4401/4403 or http 401/403) and automatically direct the user to the password page.
Care should be taken to avoid data loss; if the client was trying to sync, the diff should be preserved and sent again once the connection is re-established.
When the retro auth token expires (either due to passing
exptime or due to the keys cycling), the client should detect the failure (e.g. by detecting websocket 4401/4403 or http 401/403) and automatically direct the user to the password page.Care should be taken to avoid data loss; if the client was trying to sync, the diff should be preserved and sent again once the connection is re-established.