Implement Session Persistence #7
Labels
No labels
Deploy
RBAC
authentication
bug
documentation
duplicate
enhancement
frontend
good first issue
help wanted
invalid
question
routing
security
state-management
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
AndreFerreira5/starranja-app#7
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Session renewal, token refresh, and auto-logout handling.
Authentication Flow:
Login → Access Token (15 min) + Refresh Token (7 days, HttpOnly cookie)
↓
API Requests with Bearer token
↓
Token expires → 401 Unauthorized
↓
Automatic refresh using HttpOnly cookie
↓
New access token → Retry original request
↓
If refresh fails → Auto logout → Redirect to /sign-in