How routes work with meta: auth #641
Comments
|
So it's relying on the api to come back with a specific error code such as a 403 or something which it detects by default. Otherwise there is an auto refresh ping that will occur to continually fetch a new token, so in theory as long as the app is open it wouldn't expire. If you want to do some force logout after inactivity, I think a simple intercept/timer or mousemove/timer could do it. |
|
I'm just asking because of your experience, I'm far away to be an expert in regard to token manipulation. |
|
So this is already done via an interval check automatically and you can increase the timing for that. |
I'm not completely sure to understand how routes work with this library.
Assuming that we have 2 parent components acting as landing pages. We do the login, we get token and refresh_token, and finally, we get redirected to Parent1.vue.
A few minutes later the token expires and after that, we navigate to Parent2.vue.
How can we know that token is already expired? I used to verify it via interceptors when an API call is done, but if we have no API calls at all, how can we handle this?
If the page gets refreshed there no issue since
refresh()is triggered, but what happens while no requests are made?Do I need to request a kind of check every time a route is loading?
I assume that
meta: { auth: true }just validates against localStorage which will exist despite the token is expired on the server.The text was updated successfully, but these errors were encountered: