• r

    rp

    2 years ago
    Hi @vdvn75
  • d

    Dee

    2 years ago
    I have a very simple question, couldn't be more sillier maybe. What is the appropriate way for the UI to handle expiry of tokens. Should it be like the API is hit with an expired token, backend throws auth error and then UI hits another API to get refreshed tokens?
  • r

    rp

    2 years ago
    that is one way.
  • r

    rp

    2 years ago
    Another way is if the frontend knows that the token has expired already, and directly calls the refresh API
  • r

    rp

    2 years ago
    how did you find out about us? Through our site or blog?
  • d

    Dee

    2 years ago
    How does the frontend know the token has expired? By maintaining the expired_at or expired_in sort of a thing? Also a similar thing should be in place for refresh tokens?
  • d

    Dee

    2 years ago
    And I knew about you guys recently just through searching for good articles on google for user authentication and came across the blog 😄
  • d

    Dee

    2 years ago
    And ofcourse which one is preferred ?
  • r

    rp

    2 years ago
    Yea.. store some value in localstorage or non-httpOnly cookie using which you can know when it expires. We can do that for the refresh token as well.. but that doesn't matter too much cause usage of refresh tokens is relatively rare anyway.
  • r

    rp

    2 years ago
    I see. Are you looking to use supertokens? Or just curious?