Persisting tokens
Closed this issue · 4 comments
Is there a correct way to persist tokens between page refreshes? As the default behaviour is to go through the login process every time the page is refreshed/the new tab is open. (unless I'm missing something, of course)
I also get this error (when the page is first loaded)
authError: No silent_redirect_uri configured
However, I do not see anywhere to set silent redirect uri (which is used by the underlying oidc library)
I leave calls on the best practice for persisting the token to the oidc-client-js library and you the consumer. This component just provides a wrapper for svelte to speed up your development, hopefully. I believe the library does store a token for a time.
IIRC, the silent redirect uri is opened in a hidden iframe if a valid token is not present in the session storage to check if the user still has an active session with the authentication server/idp. If a user doesn't have an active session this ensures the user doesn't continue to be authenticated.
I do not seem to have not added the silent_redirect_uri property to the component. Feel free to submit a PR and I'll try to get it merged ASAP.
Alright, I'll fork the repo, and will try to pinpoint where the problem comes from. I'll keep you updated, if I find anything
Oh, I tracked it down, never mind. That was my own config broken (I was not setting redirect_uri). Closing the issue.