Supabase refresh token
So the user logs in and I set http only cookie = login data access token . in supabase I have set the validity of this access token = 1 hour . I have this question : 1 . what api call should I make to refresh the token ? 2 . if the user did not use the app for let 's say 4 hours , when the user returns I dont want the user to be logged out . is this possible ? I would appreciate if you could help me using native api calls as I am not using the nordbase template . Thanks hey @MartinF thanks for this , hmm not sure where to access the setup from Andreas in the package . I already [checked this ] ( https://editor.nordcraft.com/projects/yello__c_3po_foreign_partridge/branches/start/components/signin-email-form?canvas-width=800&canvas-height=800&selection=nodes.9cukWR7yOsHmMiVMPNCVb&rightpanel=events ) and do not know where to find it you could take a look at the Nordbase project , the page has some notes on what it does , with a refresh handler https://editor.nordcraft.com/projects/nordbase/branches/main/components/refresh-session?rightpanel=style&canvas-width=800&canvas-height=800 @MartinF thanks for this . didnt know clone was different from install . one question . in supa -protected -page -context there is the sessionExpiresAt variable . from my understanding this goes back to null when the page is reloaded so we need to make the refreshSession call . I tried to save it as a cookie but when I get the cookied I dont get the value but only the " { { cookies .token _expires _at } } " . how can i get the value ? is my understanding correct ? The refresh happens in the background on load or when the window is focussed . This calls the refresh api and the actions on api success saves the cookies and set the new value for sessionExpiresAt . You don 't need to save it as a cookie . You can drill into the On success event to see . @MartinF thanks . suppose the page reloads . sessionExpiresAt variable is set to null . this means that we have to make the api call "refresh token " even if this is unnecesssary because the token expires in e .g . 50 minutes ( ) . I want to avoid that by saving the sessionExpiresAt somewhere where is widely accessible probably I am missing sth If the call is successful then there is no impact on the user , they don 't know it happens . So not a massive issue unless you 're sensitive to volume of calls to SB /NC action volume . If you do want to make it more accessible you could store the expires at in session storage / local storage rather than a variable ? 👍1
.jpeg/public)