Handle session expiry
Hi, is it correct to state that the authentication example cannot handle expired sessions?
From what I can tell, the _auth layout route is triggered when navigating to an auth route, but not when switching between auth routes.
Meaning that if a server session expires, these will not be detected, except if the authGuard is set for every authenticated route?
Basically what I want to achieve is, on accessing an auth route, getSessionFromLocalStorageIfLocalSessionTimeNotExpired(), if expired, try to get server session, if success consider authenticated, if failed unauthenticate. While doing getServerSession stay in a loading state.
I've tried for a while now, but it seems unachievable?
auth example:
https://stackblitz.com/edit/tanstack-router-jrjf5e?file=src%2Froutes%2F_auth.tsx&preset=node
StackBlitz
Router Authenticated Routes Example (forked) - StackBlitz
Run official live example code for Router Authenticated Routes, created by Tanstack on StackBlitz
4 Replies
metropolitan-bronzeOP•15mo ago
Is there someone who can help me?
@TkDodo 🔮 perhaps :)
eastern-cyan•15mo ago
The example provided doesn’t handle expired session, it doesn’t even know what the session is, you need to handle that yourself or you Backend.
metropolitan-bronzeOP•15mo ago
@Enyel , My point is more in: _auth layout route is triggered when navigating to an auth route, but not when switching between auth routes. Meaning that if I have an implementation where on the beforeLoad the session is fetched. and the session expires, other queries will fail with an auth error?
xenial-black•15mo ago
@Emiel You are either able to handle this in React-land or in the Router's beforeLoad callback.
If you are handling this in the beforeLoad callback, you need to have a React independent way of checking the user's auth status. From there, on accordingly, you can trigger the redirects.
In React-land (or what's normally considered as the AuthGuard apporach) you'd need to set up a timer in a useEffect and then calling your check function there.