We have a React application frontend and a Flask API backend. We have configured both using Auth0, which means we have integrated it in React using the Auth0 Provider, so a token is created automatically.
For the API: we are validating the token which comes from the frontend; if it is a valid token then we return success. The problem here is how to handle an expired token coming from the frontend; as per the standard process at the API, it will be rejected.
But we don’t want to reject the token; we want to extend the same token's lifespan in the same request. I see a refresh token will do that, but how do we handle it if the token expires between requests? Please help.
Using the above code, the token will refresh, but how do we handle it if the expired token has already been passed to the API? It should not throw "token is expired". Please help with this.
How often are you getting expired tokens at your API? Assuming refresh tokens/silent auth are being utilized correctly, this should rarely ever occur. In the case this does occur (think absolute expiration of refresh token) the user will need to re-authenticate. This will need to be done client-side; there is no way to handle this at your API.
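The client-side handling described in the reply above, as an added example that is not part of the thread or of the Auth0 SDK: the API keeps rejecting expired tokens with a 401, and the frontend obtains a new token and retries once. `getToken`, `fetchFn` and `onReauthRequired` are hypothetical callbacks supplied by the application; in an Auth0 React app, `getToken` would typically wrap the SDK's `getAccessTokenSilently`.

```javascript
// Added example. getToken, fetchFn and onReauthRequired are hypothetical
// callbacks supplied by the application, not Auth0 SDK names.
function createApiClient({ getToken, fetchFn, onReauthRequired }) {
  async function attempt(url, options, fresh) {
    let token;
    try {
      // fresh=true asks the caller to bypass any cached token
      token = await getToken({ fresh });
    } catch (err) {
      // No new token can be obtained (e.g. the refresh token has expired):
      // the user has to log in again
      onReauthRequired(err);
      throw err;
    }
    const headers = { ...(options.headers || {}), Authorization: `Bearer ${token}` };
    return fetchFn(url, { ...options, headers });
  }

  return async function apiFetch(url, options = {}) {
    const first = await attempt(url, options, false);
    if (first.status !== 401) return first;
    // The API rejected the token before doing any work, so one retry is safe
    const second = await attempt(url, options, true);
    if (second.status === 401) {
      onReauthRequired(new Error('API rejected a freshly issued token'));
    }
    return second;
  };
}

// Constructed demo: a stub API that accepts only "fresh-token".
async function demo() {
  const seen = [];
  let reauth = 0;
  const apiFetch = createApiClient({
    getToken: async ({ fresh }) => (fresh ? 'fresh-token' : 'expired-token'),
    fetchFn: async (url, { headers }) => {
      seen.push(headers.Authorization);
      return { status: headers.Authorization === 'Bearer fresh-token' ? 200 : 401 };
    },
    onReauthRequired: () => { reauth += 1; },
  });
  const response = await apiFetch('/api/items');
  return { status: response.status, seen, reauth };
}
```

The retry is limited to one attempt so that a token the API will never accept cannot cause a request loop.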