Using checkSession in client-side

norayr.ghukasian · July 22, 2019, 9:58am

Can token renewal (using checkSession) lead to token invalidation related to its signature in backend ?
I use checkSession every time jwt expiration time comes to an end and if user session is active , i just renew the token with checkSession and update it in my storage , so that following requests will be made with new token . Is it a common workflow ?

mathiasconradt · July 22, 2019, 10:30am

Yes, that’s a common approach, there should be no problems with it. One comment though:

renew the token with checkSession and update it in my storage

Tokens shouldn’t be stored in localStorage or sessionStorage, see:

norayr.ghukasian · July 22, 2019, 10:37am

Thanks a lot for quick response , i will keep in mind about storage.

system · August 6, 2019, 10:37am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
We have to not use refresh token, and we have to not store tokens at browser side. isn't it? JWT.io	1	5553	July 4, 2019
SPA + Embedded Login + Token Refresh Strategy? Help	4	5572	August 29, 2019
Keeping the user signed in Help session , access-token , checksession	2	6472	September 6, 2018
Expired access token with lock and checkSession not working to keep user logged in Help lock , checksession	3	4690	December 12, 2018
Where to store refresh token on WEB? JWT.io jwt , login	2	4813	July 8, 2019

Using checkSession in client-side

Related topics