I use doorkeeper (with sorcery for auth) to offer OAuth2 for a rails api with
refresh_tokens enabled so the user doesn't ends up with an inactive token while using the app, the token is invalid after 20m. If i don't use
refresh_tokens it might happen a user's token is invalid while doing a submit and needs to login again.
What i would like to have is 'refresh token during an active session' and if the token is inactive for
x.hours the user needs to login again.
Unfortunately i don't know how to implement this behaviour with a token based solution, any help would be appreciated!