Created
August 22, 2019 11:05
-
-
Save Tanver-Hasan/01a1131c3648d4e492bdf32be211c029 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // check every 15 minutes if the SSO session is still active | |
| setInterval(function() { | |
| // if the token is not in local storage, there is nothing to check (that is, the user is already logged out) | |
| if (!localStorage.getItem('userToken')) return; | |
| auth0.checkSession(function (err, data) { | |
| if (err) { | |
| // if we get here, it means there is no session on Auth0, | |
| // then remove the token and redirect to #login | |
| localStorage.removeItem('userToken'); | |
| window.location.href = '#login'; | |
| } | |
| }); | |
| }, 900000) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In some multi-application scenarios, where Single Logout is desired (a user logging out of one application needs to be logged out of other applications), an application can be set up to periodically poll Auth0 using checkSession() to see if a session exists. If the session does not exist, you can then log the user out of the application. The same polling method can be used to implement silent authentication for a Single Sign-on (SSO) scenario.
The poll interval between checks to checkSession() should be at least 15 minutes between calls to avoid any issues in the future with rate limiting of this call.
https://auth0.com/docs/api-auth/tutorials/silent-authentication#polling-with-checksession-
https://auth0.com/docs/libraries/auth0js/v9#using-checksession-to-acquire-new-tokens