Apologies if this is out of scope – feel free to close if so.
I'm using the passport strategy provided by openid-client and am also trying to implement a method to keep the access_token from expiring. My current approach looks something like this:
In the Passport serializeUser function, we serialize the access_token, expires_at, and refresh_token into the session.
I'm wondering if there is a suggested method or example for this last step, where the updated access_token gets serialized back into the user session? Is what's outlined above what folks typically do, or is there more of a "passport-way" to do this?
Apologies if this is out of scope – feel free to close if so.
I'm using the
passport
strategy provided byopenid-client
and am also trying to implement a method to keep theaccess_token
from expiring. My current approach looks something like this:serializeUser
function, we serialize theaccess_token
,expires_at
, andrefresh_token
into the session.Before
expires_at
is reached, the client-side calls a/refresh
endpoint, which:client.refresh(req.user.tokens.refresh_token)
Updates the session:
I'm wondering if there is a suggested method or example for this last step, where the updated
access_token
gets serialized back into the user session? Is what's outlined above what folks typically do, or is there more of a "passport-way" to do this?