Within React, I want to check every 15 minutes for whether the current session token is valid and, if not, refresh it. Here’s what I’m trying so far:
const refreshToken = async () => {
console.log(':: refreshToken');
const isAuthenticated = await auth0Client.isAuthenticated();
const token = await auth0Client.getTokenSilently();
if (isAuthenticated) {
const claims = await auth0Client.getIdTokenClaims();
const claimsDecoded = await jwt_decode(claims.__raw);
console.log(claimsDecoded.exp);
dispatch({
type: 'REFRESH_TOKEN',
payload: {
user: {
token: token,
expires: claimsDecoded.exp,
claims: claims.__raw
}
}
});
} else {
logout();
}
};
// Continually refresh Auth0 session
useEffect(() => {
const delay = 900000; // 15m
const timer = setInterval(async () => {
console.log(':: Session refresh');
if (state.isAuthenticated) {
await refreshToken();
} else {
clearInterval(timer);
}
}, delay);
return () => clearInterval(timer);
}, [refreshToken, state.isAuthenticated]);
The issue I’m seeing is that, even though this runs every 15 minutes, console.log(claimsDecoded.exp) still always shows the same expiration timestamp from the retrieved token. And, once that expiration happens, the application starts to fail auth to the API due to the token being sent to the API is expired. So it is as if the token never did get refreshed.
I’ve had to rethink how this all works as I try to move to the latest (2.0.0) release of auth0-spa-js.
I’ve tried using the checkSession() function as well, and that hasn’t seemed to make a difference.