All topics

Need to login every 1-2 hours

Vizualinx

5 months ago

I'm getting kicked out of my app every 1-2 hours, i'm using supabase so maybe it's a setting in supabase. How can i fix this?
Lucas G

5 months ago

The bot reply you got was the answer
By default, Supabase's expiry on its tokens is an hour
Increase it
Vizualinx

5 months ago

i did that, but how does it work with refreshing the token?
Kai

5 months ago

you have to use chrome and install the toddle plugin. this manages that you stay logged in after running the login page in toddle.
😉
@Kai
you have to use chrome and install the toddle plugin. this manages that you stay logged in after running the login page in toddle.
Vizualinx

5 months ago

Not talking about toddle, I'm talking about the actual app.
Kai

5 months ago

oh sorry... Then I can't help out.
Vizualinx

5 months ago

Thanks anyways
@Vizualinx
i did that, but how does it work with refreshing the token?
Lucas G

5 months ago

What do you mean by this?
New sessions after you update the setting will have the new expiry
Vizualinx

5 months ago

I understood that the secure way is to leave the token expire after 1 hour (as is the default) and refreshing the token after every hour.
Have I got it right?
(Sorry, never dealt with this kind of stuff..)
Lucas G

5 months ago

Depends on what you mean by 'secure'
Usually that means storing the refresh token somewhere easy to access such as session storage
Which is easy to access by most things which makes it not 'secure'
Imo setting a longer expiry is fine
Lucas G

5 months ago

The database itself should be protected anyways
Vizualinx

5 months ago

ok, Thanks @Lucas G
MartinF

5 months ago

@Vizualinx to get it to auto refresh the token after an hour you need to use supabase-js. That automatically sets the cookie to local storage. If you set a listen event for token login and token refresh you can add the data to the Toddle session cookie so Toddle always has a token that is valid and is refreshed in the background. You can also listen for log out events in case a user logs out in a different tab or on a different device which is a plus.
@MartinF
@Vizualinx to get it to auto refresh the token after an hour you need to use supabase-js. That automatically sets the cookie to local storage. If you set a listen event for token login and token refresh you can add the data to the Toddle session cookie so Toddle always has a token that is valid and is refreshed in the background. You can also listen for log out events in case a user logs out in a different tab or on a different device which is a plus.
Max

5 months ago

This will be less.secure, though, because the token is stored on the local storage... Or does the JS package store it as an http-only cookie?
Vizualinx

5 months ago

I guess for the while I just extended the session time.
@Max
This will be less.secure, though, because the token is stored on the local storage... Or does the JS package store it as an http-only cookie?
MartinF

5 months ago

Default for supabase-js is to persist to local storage along with refresh token, so not great. You can set it http-only cookie (which i've now just done, thanks!!), or you could not persist it at all.
💪1

Need to login every 1-2 hours

Vizualinx

Lucas G

Vizualinx

Kai

Vizualinx

Kai

Vizualinx

Lucas G

Vizualinx

Lucas G

Lucas G

Vizualinx

MartinF

Max

Vizualinx

MartinF

Stop scrolling. Start building.

Chat with @team-toddle

Video call our CEO

Get in touch!

Product

Company

Resources

Community