After analyzing a lot of examples online and the asp.net core + react authentication given template, I noticed that all of them do NOT use redux store. At first I tough that you should not use them but it could also be just an example application to show roughly how to execute it in a simple manner.
After it a tough came: how should you properly execute such manner?
If you store it in the store, means it gets the data of whatever user you are and update it only on login/logout. But if your session key expires, front-end (redux store) will not know that and trying to access a page you are not authorized will get an error message. To prevent that, it should log a user out as soon as the session ends. How such thing should get executed? Should I have like some sort of a timer to like every 5-10s execute an action to check if session key is still valid? or on every page component render/re-render check if the session key still exist?
What is the correct way?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
It’s depend about your authentication system, You can use eg. Auth0.
If I understand You correctly – there is everything about:
— expiration of token
If information about expiry, you can get information about when it will expire:
return new Date().getTime() < expiresAt;
And also if the token will expire just redirect to login page with information or automatically refresh token.
Here are more implementation details (with interceptor pattern):
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0