Auth0 Home Blog Docs

Auth0.js checkSession slow

Hi There,

We are using auth0.js in a static web page. Login/signup buttons are rendered dynamically depending on the login state. We are using auth0.checkSession with a callback. It takes anywhere from 500ms to 2 seconds depending on the connection for the callback to respond, even if there is no user logged in.

My understanding was that auth0.js would use local storage to determine if the user is signed in or not, but we see it making a request to:
https://xxx.auth0.com/authorize?client_id=xxx&response_type=token%20id_token&redirect_uri=xxx&scope=read%3Acurrent_user%20profile%20email%20openid&audience=xxx&state=xxxx&nonce=xxx&response_mode=web_message&prompt=none&auth0Client=xxx

We are not making any call except for checkSession. Using: https://cdn.auth0.com/js/auth0/9.11/auth0.min.js

This not only causes slowness in the UI to render, but also seems completely unnecessary.

Thanks,
Ruben

Hi @rubenhak,

checkSession is used for silent auth and initiates a request for a new token. That is why you are seeing a request in a hidden iframe.


Tokens should not be stored in localStorage, and should be stored in memory without being persisted.

hi @dan.woda,

Got it. Can you suggest a method to quickly determine that the user is not logged in. It is ok if it takes longer to fetch a token for logged in users. This is more critical for users that had never logged in to the sites.

Its a statically hosted web page, which also has backend.

Thanks,
Ruben

I apologize for the delayed response.

You could add a flag in localStorage (not a token or user data) indicating if the user has previously logged in. You can check that flag and do your silent auth or display the login buttons.

Although, I can’t find any examples of this process, and it seems as though checkSession is working for most users. Are you using one of our quickstarts? I am curious if your implementation is not working as intended.

Thanks,
Dan