amplify-js: Auth - Offline Session Management in React Native (expired tokens while offline)
Before opening, please confirm:
- I have searched for duplicate or closed issues and discussions.
- I have read the guide for submitting bug reports.
- I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
JavaScript Framework
React Native
Amplify APIs
Authentication
Amplify Categories
auth
Environment information
System:
OS: macOS 12.0.1
CPU: (10) arm64 Apple M1 Max
Memory: 74.09 MB / 32.00 GB
Shell: 5.8 - /bin/zsh
Binaries:
Node: 18.7.0 - /opt/homebrew/bin/node
Yarn: 1.22.19 - /opt/homebrew/bin/yarn
npm: 8.15.0 - /opt/homebrew/bin/npm
Watchman: 2022.08.15.00 - /opt/homebrew/bin/watchman
Browsers:
Chrome: 105.0.5195.125
Firefox: 105.0.1
Safari: 15.1
npmPackages:
@novu/node: ^0.8.0 => 0.8.0
amqp-connection-manager: ^3.8.1 => 3.8.1
amqplib: ^0.8.0 => 0.8.0
amqplib-tutorials: 0.0.1
npmGlobalPackages:
@aws-amplify/cli: 9.0.0
@nestjs/cli: 8.2.6
aws-cdk: 2.43.0
eas-cli: 0.54.1
envinfo: 7.8.1
expo-cli: 5.4.6
n: 8.0.0
netlify-cli: 8.0.15
npm: 8.15.0
nx: 13.4.5
plop: 3.0.5
react-devtools: 4.24.3
ts-node: 10.8.1
typeorm: 0.3.6
typescript: 4.5.2
vercel: 28.2.2
Describe the bug
Hi all
We are experiencing session issues with our mobile apps, when our users are offline and the id/access token has expired.
id + access token have expiration of 60min and refresh token of 90 days
We would be interested how others are handling this situation:
- When a user is offline / has no internet connection and resumes the app after the id + access token have expired, the session is dropped and the user is logged out
- How can we avoid this behavior as it is a big pain point?
Would appreciate any feedback
Expected behavior
While user is offline and id + access tokens have expired:
const session = Auth.currentSession()
Reproduction steps
- Go into airplaine mode
- Close app
- Wait until tokens have expired
- Open app
Code Snippet
const session = Auth.currentSession()
Log output
// Put your logs below this line
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
About this issue
- Original URL
- State: open
- Created 2 years ago
- Reactions: 4
- Comments: 15 (6 by maintainers)
Hi @itsramiel this is something I think we want to/should support so we have marked this as a bug and the team is going to look into this further. I don’t currently have a timeline on the fix but any updates should be posted here.
Thank you for bringing this to our attention
Hey @tannerabread. We are experiencing this in our react native app. The issue precisely is that if a user opens the app while offline and his access token has expired, then
Auth.currentAuthenticatedUser()throwsThe user is not authenticated. If the user then came onlineAuth.currentAuthenticatedUser()will return correctly.This is an issue because users will think they are logged out but in reality they are not. All they need to do is turn on their wifi and then they are logged in again.
You can reproduce it by creating a simple react native app with aws amplify setup and log in with a user. You can then turn off wifi, change time from settings to after the period of the access token, and then try to call
Auth.currentAuthenticatedUser()and you will seeThe user is not authenticatedbeing thrown. In fact I do not think you need a react native app specifically, but that’s our use case.There is a merged fix in amplify-flutter to handle when a user is offline. Can we have something similar here?
Hi, excuse the delay on this issue. I have just reproduced it with the steps provided and will bring it up with the rest of the team soon to see if this is something we will fix on our side.