sammachin
commented
2 months ago Also when a session does expire it would be nice for the page to update to the login screen instead of staying on the last viewed page until you try and submit something, this would avoid the scenario of putting information into a form only to click submit and get the login page. I guess this needs some sort of client side timer?
Further to Slack discussion https://drachtio.slack.com/archives/C017ML321NK/p1714634123788929
It feels like my sessions are expiring rather too often,
I've checked the JWT that I get and the expiry is set to 60mins from when I logged in.
However I suspect that the JWT is created at login with a 60min expiry timer, but never updated so if you’re still logged in and activly using the site after 60mins then you get kicked out.
What it should do is renew the JWT if you send a request and it has less than say 10mins on the timer.