I figured I would go with your suggestion and implement in-memory session storing for the time being for development and later add server side session storing.
I’ve done some testing and I figured out why my app always refreshes on its on when entering a page via a url.
Basically, react-auth0-wrapper.js # initAuth0() is being called after the PrivateRoute.js’s useEffect. So essentially PrivateRoute says that the user isn’t authenticated, and then a few moments later, initAuth is called and says that the user is authenticated. But by then its too late and the page has refreshed once.
I’m wondering, is this meant to be normal functionality of Auth0? Are we to manually put in some check (whether in memory or server-side) in the PrivateRoute component to check if the user is authed, prior to initAuth being called?