How to maintain a active session for Rails 5 API with OAuth2 (doorkeeper)

by Daniel   Last Updated October 14, 2019 12:26 PM - source

I use doorkeeper (with sorcery for auth) to offer OAuth2 for a rails api with refresh_tokens enabled so the user doesn't ends up with an inactive token while using the app, the token is invalid after 20m. If i don't use refresh_tokens it might happen a user's token is invalid while doing a submit and needs to login again.

What i would like to have is 'refresh token during an active session' and if the token is inactive for x.hours the user needs to login again.

Unfortunately i don't know how to implement this behaviour with a token based solution, any help would be appreciated!



Related Questions




How to secure a refresh token?

Updated July 12, 2019 20:26 PM