How to prevent "user not authenticated" errors from expired JWTs in socket.io apps? Answered
Hey guys, I already mentioned this issue but the "user not authenticated" error comes from an expired jwt which you issue. Since my web app is working with socket.io i need the user to be constantly connected. Now when the jwt expires, the error appears. Do you offer an endpoint from which I can request a fresh/new jwt or is there a way how you cam sent the new jwt silently in the background?
Comments
5 comments
so far, Memberstack doesn't have refresh token endpoints. All their sessions have an expiration date depending on how you set up your cookies 🤔
I'm a backend dev so I'm not too experienced with cookies. Not 100% sure how to resolve the issue. I just had a chat with one of my friends whos a frontend dev who told me that usually there are endpoints to get a new jwt in the background. Any recommendations how I can handle this?
Thank you!!
By "cookie," I meant where the JWT token is stored, whether it's in a cookie or localStorage (configured in the frontend). The JWT itself comes with an expiration date that you configure in the app settings.
Memberstack doesn’t have refresh token endpoints. If they consider it necessary, they would have to implement that as a new feature. Right now, they provide only access tokens upon signup or login.
You can read about more about refresh tokens in this article, these types of tokens are not required in an authentication path.
You can request new features in Memberstack's wishlist if you think this would be useful for your project.
Ahh okay, so i can adjust the token expiry date? Do I do this in the memberstack dashboard app settings or in the frontend? That would help already. But whats weird is that when i sign in with my pc, and then sign in with my phone, my pc then also says "User not authenticated" even though concurrent logins are allowed.
Thank you!
Here's the explanation to the authentication settings
Please sign in to leave a comment.