Hey
I’m wondering how you lot are handling cases where the user is logged in, backgrounds an authenticated tab, then returns to it later, long enough after that the Auth0 session has expired?
In my app, everything looks good, until the user tries to interact with the page, and all the api requests fail. makes sense. Though, I haven’t really come across anything obvious about needing to handle the window.focus
event or similar, checking the session and re-authenticating. But I assume thats what you all are doing?
I have a specific use case and not sure if it can be done without trickery.
When a user returns to an open tab after a long time and the session has expired, I want to:
-
Check the session to find out if they are currently authenticated
-
if the session has expired, I just want to clear the local current user & token, effectively logging them out of the client (they are already logged out on the server)
-
I DO NOT want to redirect them to the homepage or the login page UNLESS they are on an authenticated page, otherwise I want the logout to be seamless, until they interact with something that needs them to be authenticated.
I know I can use getAccessTokenSilently
and wrap in in a try/catch
looking for the login_required
error.
but once I have that, is there a way to null out the current user & token without calling logout?