When an MFE loads, it loads and caches user information from the JWT cookie and displays this information in the header.
If the JWT cookie is later updated via logout/login in another browser tab, as an example, the JWT cookie may exist for a different user than the user cached in the previously loaded MFE. Before using the JWT cookie for an API call, it would be better if the MFE checked that the user_id of the JWT cookie matched the user_id cached in the MFE from load time.
If they mismatch, on option is to simply pop error that states that they can refresh to fix, and skips the API call. This way, the user won't lose data if they were in the middle of something, which would happen if we just refreshed or redirected to the login page, etc.
When an MFE loads, it loads and caches user information from the JWT cookie and displays this information in the header.
If the JWT cookie is later updated via logout/login in another browser tab, as an example, the JWT cookie may exist for a different user than the user cached in the previously loaded MFE. Before using the JWT cookie for an API call, it would be better if the MFE checked that the user_id of the JWT cookie matched the user_id cached in the MFE from load time.
If they mismatch, on option is to simply pop error that states that they can refresh to fix, and skips the API call. This way, the user won't lose data if they were in the middle of something, which would happen if we just refreshed or redirected to the login page, etc.