Question regarding authentication

Options
ihayes
ihayes Member
edited December 2022 in Bubble

It seems the XANO tokens expire. What is the best way to poll if the token is still valid? Our front end is Bubble. Thanks

Tagged:
· Share on Twitter

Comments

  • nocodetalks
    nocodetalks Member ✭✭
    Options

    You can set it to never expire by setting expiration= 0 . BY default token remain live for one day.

    In Bubble, you can check the error in the api response by checking "returned an error". If it is true , then check for "error message" based on that you can write login to get the token again.


    Follow me on twitter

    · Share on Twitter
  • ihayes
    ihayes Member
    Options

    Thanks...very helpful...I hadnt seen the checkbox to "return an error"

    · Share on Twitter
  • Ray Deck
    Ray Deck Trusted Xano Expert ✭✭✭
    Options

    Rather than making the token never expire, I'd recommend setting up an authenticated endpoint that returns a new authentication token. Make that something that hits on new page load or something.

    This pattern ets you keep the user online as long as they are contacting your system once in a while without the security hole of a non-expiring token that a third party could invade at any time.

    · Share on Twitter
  • nocodetalks
    nocodetalks Member ✭✭
    Options

    Agree with @Ray Deck .

    · Share on Twitter
  • EdChan
    EdChan Member
    Options

    I'm using the /auth/me call to verify the token is still valid at every "page is loaded". If not, I do something like Stripe: Display a non-closable popup asking for the password, and then try to get a new token with that.

    · Share on Twitter

Categories