Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When are credentials considered expired? #698

Closed
rdingwell opened this issue Apr 19, 2018 · 2 comments
Closed

When are credentials considered expired? #698

rdingwell opened this issue Apr 19, 2018 · 2 comments
Labels
Auth Related to Auth components/category investigating This issue is being investigated

Comments

@rdingwell
Copy link

I'm using the amplify-react components (version 0.1.33) along with withAuthenticator as shown below. The issue that I am running into is that once I login to the my application I seem to never be prompted for authentication again unless I explicitly logout.

For instance, I say I login on Friday, do somethings, and then just close my browser or simply stop using the app. Come in on Monday load the app in my browser and what I see is the login screen show for a brief time and then without interaction I am into the application itself, without having provided my credentials.

I initially thought that this was because of the default refreshToken expiration time being 30 days. I trimmed that down to a single day and still see the same behavior. This is even after wiping out the local application storage before logging in again, just incase I still had an old refresh token with a lengthy expiration date set on it.

Is this expected? Is there something else I need to set to force an actual login from the user after a certain amount of time?

Thanks

import 'babel-polyfill';
import React, { Component } from 'react';
import FileUpload from "./FileUpload";
import Amplify,{Storage} from 'aws-amplify';

import { withAuthenticator } from 'aws-amplify-react';
import aws_exports from './aws-exports';

Amplify.configure(aws_exports);
Storage.configure(aws_exports);
Storage.configure({
level: 'private'
});

class App extends Component {
render() {

return (
  <div className="App">
  <FileUpload storage={Storage}/>
  </div>
);

}
}

export default withAuthenticator(App,{ includeGreetings: true });
@richardzcode richardzcode added Auth Related to Auth components/category investigating This issue is being investigated labels Apr 20, 2018
@mlabieniec
Copy link
Contributor

@rdingwell in regards to refresh tokens. Amplify automatically refreshes these for you when they expire. So essentially this intended behavior with the library. We do have in our backlog the ability to configure this behavior yourself i.e. listen for when the tokens are going to expire and handle yourself appropriately, see here for tracking this feature: #42

If you feel that issue doesn't capture your request adequately, please feel free to re-open/clarify here thanks!

@hixio-mh hixio-mh mentioned this issue Jan 21, 2021
Merged
@0xpixel 0xpixel mentioned this issue Jan 21, 2021
Open
@github-actions
Copy link

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels or Discussions for those types of questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 13, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Auth Related to Auth components/category investigating This issue is being investigated
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rdingwell @richardzcode @mlabieniec