Question regarding authentication
It seems the XANO tokens expire. What is the best way to poll if the token is still valid? Our front end is Bubble. Thanks
Comments
-
You can set it to never expire by setting expiration= 0 . BY default token remain live for one day.
In Bubble, you can check the error in the api response by checking "returned an error". If it is true , then check for "error message" based on that you can write login to get the token again.
-
Thanks...very helpful...I hadnt seen the checkbox to "return an error"
-
Rather than making the token never expire, I'd recommend setting up an authenticated endpoint that returns a new authentication token. Make that something that hits on new page load or something.
This pattern ets you keep the user online as long as they are contacting your system once in a while without the security hole of a non-expiring token that a third party could invade at any time.
-
Agree with @Ray Deck .
-
I'm using the /auth/me call to verify the token is still valid at every "page is loaded". If not, I do something like Stripe: Display a non-closable popup asking for the password, and then try to get a new token with that.
Categories
- All Categories
- 53 ? Announcements
- 47 ? Releases
- 37 ? Welcome
- 983 ? Help! I'm a Noob
- 125 ? No-Code Front-Ends
- 633 ? Working with APIs
- 439 ? Transforming data
- 126 ? Connect Xano to ...
- 50 ?? Find an Expert
- 348 ❓Other questions
- 35 ? Security
- 22 ✂️ Snippets
- 19 ? Showcase
- 7 ?️ Xano Chatter
- 62 ? Video Tutorials
- 171 ? Request a feature
- 229 ? Report a Bug
- 19 ? Templates & Extensions
- 7 ? Feedback