Implement Session Persistence #7

Closed
opened 2025-10-21 16:10:50 +00:00 by tomas03silva · 1 comment
tomas03silva commented 2025-10-21 16:10:50 +00:00 (Migrated from github.com)

Session renewal, token refresh, and auto-logout handling.

Session renewal, token refresh, and auto-logout handling.
puctw commented 2025-12-14 15:33:53 +00:00 (Migrated from github.com)

Authentication Flow:

Login → Access Token (15 min) + Refresh Token (7 days, HttpOnly cookie)

API Requests with Bearer token

Token expires → 401 Unauthorized

Automatic refresh using HttpOnly cookie

New access token → Retry original request

If refresh fails → Auto logout → Redirect to /sign-in

Authentication Flow: Login → Access Token (15 min) + Refresh Token (7 days, HttpOnly cookie) ↓ API Requests with Bearer token ↓ Token expires → 401 Unauthorized ↓ Automatic refresh using HttpOnly cookie ↓ New access token → Retry original request ↓ If refresh fails → Auto logout → Redirect to /sign-in
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
AndreFerreira5/starranja-app#7
No description provided.