-
Notifications
You must be signed in to change notification settings - Fork 606
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use refresh token on restore? #249
Comments
Can you verify this works? |
I see what the problem is - the authenticator only refreshes automatically when no access token is present and not when it is stille present but known to have expired: https://github.com/simplabs/ember-simple-auth/blob/master/packages/ember-simple-auth-oauth2/lib/simple-auth-oauth2/authenticators/oauth2.js#L124. |
Interesting. It would make a lot of sense to restore with the refresh token (which may return an error if the refresh token is expired too, but at least it would allow to keep short term token :)) |
The authenticator will now refresh when the token is known to be expired regardless of whether the access token is present or not. |
Hi,
I have an application where the access token is set to 1 day, and refresh token set to 1 month. I've had a user saying to me that he had to relog every day (he didn't manually unlog, just close his browser).
My question is: how Ember Simple Auth behave when the access token expires when the browser is not open? Is Ember Simple Auth smart enough, when someone open the website again, to check if the access token has expired in between, and use the refresh token to try to get a new token?
If that's not the case, that would be awesome to have this work like this. Currently, I just increased drastically the access token lifetime, but I don't really like that!
The text was updated successfully, but these errors were encountered: