Refresh Token Firebase

If the app has multiple pages and the token expires in 1 hour, what do you suggest?
to redirect the user to home page and refresh the token OR
to set refresh the token function on each page?

I want to know best practice to avoid duplicating some functions that might be required on each page.

From what i know from firebase, the id token is the one which need to be refreshed, the refresh token doesnt need to be updated, which means that you can store it in a the device and every time you need a to verify, you can call the function to get a new id token by sending and verifying the refresh token.
https://firebase.google.com/docs/reference/rest/auth#section-refresh-token
(That’s what i have understand and what im doing in my app)

I hope it helps you

1 Like

Thank You @Dimos_Vamvourellis This is helpful
So, do you check the IdToken expiration on each page and redirect the user to homepage to call refresh IDtoken or call the refresh IDtoken from the same page?
If you call the IDtoken on each page then many steps are duplicate in each page. I would like to know if this can be avoided

You can manage the idToken on the ‘Global Canvas’. This way you do not need to refresh the idToken on the other pages.

This is really promising. Thank You @stayfoolish

By the way, does the app launched get called when you switch from current app to another app and come back to this app later? for example when you are working on Twitter app and then switch to Facebook app and then comes back later to twitter app, does app launched get called?

@stayfoolish
Felix; do you know if the recent FIREBASE - Initialize Firebase flow that we can include onto the global canvas logic renders this step redundant/inquired?

I have admittedly not yet fully read all documentation in regards to this “new” method of logging into Firebase :frowning: and I definitely will be doing so… but if you have any insight fore hand I would be ever so grateful.

My logic is that since to the “installed” flow list of the app automatically something called Set auth state persistence (Firebase Auth) is added after you set up your app with Firebase…
And this flow is apparently doing pretty much what you above proposed (dependent on your choice of it being local/session/none) for web: I thought that possibly the added flow “Initialize Firebase” may just be doing the job for us…

Do you know anything about this?

You are right:
the flow functions around ‘Firebase’ will do the job as well. Exactly as you describe above.

It is just, that this setup does not allow for several features I need for my app: The ‘Email & password authentication (Firebase Auth)’ does not give me the idToken (only the refreshToken) in the output of the node; but I need the idToken to establish authorization for ‘http-requests’.

Therefor I could not use the prebuilt ‘Firebase-flow-functions-setup’ and had to create the logic with other flow functions.

Point taken… and noting this as well as your above answer down for once again: useful reference.
Thank you once again for your time!

Same for me @stayfoolish Thank You

By the way can you please clarify this point? Does the app launched get called when you switch from current app to another app and come back to this app later? for example when you are working on Twitter app and then switch to Facebook app and then comes back later to twitter app, does app launched get called?

Sorry, I also don’t know for sure how the trigger for the ‘app launched’ event is defined in detail.

Ok, Thank You @stayfoolish