Reputation:
Reactjs Token expiration time
i making single page web with login with Reactjs. Problem is how and where to save token expire time. Do i need to save in sessionStore, but when browser closes all data will be deleted. Local Store? But then data will be forever. Or i can save in localStore and in every event i have to add function, that checks expire time from localStore, when event triggered successfully update localstore again? but code will look horrible... and how about performance issues? Is this approuche acceptible?
Upvotes: 1
Views: 7824
Answers (1)
Reputation: 18664
Do you use Redux && Redux thunk?
If so, here's the approach I followed:
- When the user logged in, I keep the access and refresh tokens in the Store.
- I'm using redux-persist to keep the tokens in the localStorage (there are other storage too), in order to persist them, when the user refreshes / reopen the app.
- Having a middleware, that checks if the access token is still valid before every one API request.
- If it's expired, try to refresh the access token, using the refresh token.
- If it's not expired, just execute the API request.
- If the user logouts or the both tokens are expired, then I clear the Store (and localStorage via redux-persist too).
More details, for the above flow, you can check in the original answer (where from I took inspirations): https://stackoverflow.com/a/36986329/4312466
If you don't use any State management libraries:
It's an option to follow the above idea, but instead of having a store, middleware, and using redux-persist, you can:
- Keep the tokens in
localStore. - Create a layer (class, function or whatever you want) in your app, that will act as middleware. Every time you want to call the API, you will call this layer firstly, that will check if the token is valid:
- And if so, only then will trigger the API request.
- If the token is expired, that layer will keep all further API requests in a queue, while trying to refresh the token.
However, if you do SPA and have complex state operations, I recommend you to use some State management library.
Upvotes: 2
Related Questions
- how can i setup expiration 30minute in jwt token
- How to redirect user to a diferent path if token is expired
- Checking for the JWT expiration in react app
- ReactJS - watch access token expiration
- React Firebase prevent token expiration in axios
- How to detect jwt token expire on React
- Logout if token is expired
- How to create logout when expires token
- how to check the expiration date of my token every hour (javascript -react)
- React Cookie + ReactJS: How to set expiration time for a cookie?