Issues with expiring tokens - How can I persist the user authentication #42
Description
Amazing work on the video and these repos (this one and the functions ones)!
I had an issue with trying to make the authentication persistent -
Currently:
The user signs in -> gets a token (generated by getIdToken() on the backend) -> saves it in local storage -> every requests is being sent with a header containing the Authorization header -> FBAuth middleware uses VerifyIdToken()
Works flawlessly.. for an hour, then the token expires and my http requests start getting 403 and the auth/id-token-expired and the only way to handle this is to sign out the user and then sign in again.
Maybe I'm missing something?
Possible solutions I thought of
- generating a custom token on the backend, verifying them and when it fails my client-side tries to signInWithCustomToken or maybe regenrate it somehow?
- Start using the firebase client side SDK to make it handle all the work for me?
Any other thoughts? :)
Thanks!