stackernews / stacker.news

Internet communities that pay you Bitcoin
https://stacker.news
MIT License

Refresh JWTs for account switching #1596

Open ekzyis opened 4 hours ago

ekzyis commented 4 hours ago

Describe the problem you're trying to solve

The JWTs stored in the multi_auth cookies are never refreshed. This means they expire in 30 days.

This could be the reason for #1573 and why account switching stops working after some time. It would at least make sense.

Currently, account switching probably just completely stops working and you need to clear cookies to recover. This is pretty bad and something I didn't really make sure fails gracefully in #489.

Describe the solution you'd like

Refresh all JWTs stored in multi_auth cookies on every request—or at least the one that is currently used, since we always use the multi_auth cookie if the pointer cookie is set.

Describe alternatives you've considered

Fail gracefully if JWTs are expired

Additional context

No response

ekzyis commented 4 hours ago

Maybe we can refresh all JWTs at the same time we're checking them to determine which user we should use.

We do this here:

https://github.com/stackernews/stacker.news/blob/8c43caed80b38b7450796df5a35bea196ed1845a/pages/api/graphql.js#L85-L123

and we use encode from next-auth/jwt to create new JWTs. See here:

https://github.com/stackernews/stacker.news/blob/8c43caed80b38b7450796df5a35bea196ed1845a/pages/api/auth/%5B...nextauth%5D.js#L94-L103

encode was imported as encodeJWT here
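
The refresh-while-checking idea from this thread, combined with the graceful-failure alternative, as an added example that is not stacker.news code and was not posted by anyone in the issue. It assumes cookies named `multi_auth.<id>` plus a `multi_auth.user-id` pointer, uses a small HS256 codec in place of next-auth's `encode`/`decode` so it runs on Node alone, and `refreshMultiAuth` is a hypothetical name.

```javascript
const { createHmac, timingSafeEqual } = require('node:crypto')

const MAX_AGE = 30 * 24 * 60 * 60 // 30 days in seconds, the lifetime named in the issue
const b64 = (x) => Buffer.from(x).toString('base64url')
const sign = (data, secret) => createHmac('sha256', secret).update(data).digest('base64url')

// Issue a token with a fresh expiry (stands in for next-auth's encode).
function encode (claims, secret, now) {
  const body = b64(JSON.stringify({ alg: 'HS256', typ: 'JWT' })) + '.' +
    b64(JSON.stringify({ ...claims, iat: now, exp: now + MAX_AGE }))
  return body + '.' + sign(body, secret)
}

// Return the claims, or null when the token is malformed, forged or expired.
function decode (token, secret, now) {
  const [h, p, sig] = String(token).split('.')
  if (!h || !p || !sig) return null
  const expected = Buffer.from(sign(h + '.' + p, secret))
  const given = Buffer.from(sig)
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null
  try {
    const claims = JSON.parse(Buffer.from(p, 'base64url').toString())
    return typeof claims.exp === 'number' && claims.exp > now ? claims : null
  } catch { return null }
}

// cookies: { 'multi_auth.user-id': pointer, 'multi_auth.<id>': jwt } (assumed names).
// Returns the active user id (null means: fall back to the regular session)
// together with the cookies the response should set or clear.
function refreshMultiAuth (cookies, secret, now) {
  const pointer = cookies['multi_auth.user-id']
  const out = { userId: null, set: {}, clear: [] }
  for (const [name, token] of Object.entries(cookies)) {
    if (!name.startsWith('multi_auth.') || name === 'multi_auth.user-id') continue
    const id = name.slice('multi_auth.'.length)
    const claims = decode(token, secret, now)
    // The cookie name must match the subject of the token it carries.
    if (!claims || String(claims.sub) !== id) { out.clear.push(name); continue }
    const { iat, exp, ...rest } = claims
    out.set[name] = encode(rest, secret, now) // slide the expiry forward
    if (id === pointer) out.userId = id
  }
  // Pointer names an account with no valid token: drop it rather than break switching.
  if (pointer && out.userId === null) out.clear.push('multi_auth.user-id')
  return out
}
```

Re-issuing on every request turns the 30-day lifetime into an idle timeout, so a token that keeps being presented never expires on its own.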