Auth state is not persisted in ClientStorage

[dstendardi]

Description of the problem

Every time page is refreshed, session is lost and user need to re-authenticate.

Proposed solution

In index.ts, allow user to ignoreCache or not by passing option :

await auth0.getTokenSilently({
      audience: options.audience,
      scope: options.scope,
      ignoreCache: options.ignoreCache // currently hard coded  to  true
    });

If this suggestion makes sense, i can open a pull request for it, let me know !

[stevehobbsdev]

@dstendardi This could be something else, such as logging into your Auth0 app using a social provider's development keys. See Limitations of Developer Keys.

Failing that, have you already tested that being able to ignore the cache fixes your issue?

[luisrudge]

@dstendardi are you talking about your app's session or the Auth0 session? If you're talking about the Auth0 session, then what @stevehobbsdev said makes sense. If you're talking about your app's session, then this is by design. Nothing is persisted locally. Each time you initialize the library ( createAuth0Client), we'll check if you have an active session at Auth0 and automatically cache tokens in if you have it.

[GazerSpectre]

@luisrudge How can I retrive token object in angular spa (access_token, expires_in, id_token, token_type)? When I call await this.auth0Client.getTokenSilently(), I've got only single access token.

[dstendardi]

@luisrudge and @stevehobbsdev You are right this is a limitation of development environment and google login, classic login/password challenge works fine. 👍
Out of curiosity why is this boolean hardcoded ?

[luisrudge]

@GazerSpectre you don't have access to the raw response, but you can get all the information via the get* methods.

https://auth0.github.io/auth0-spa-js/classes/auth0client.html#getidtokenclaims

[luisrudge]

@dstendardi because when you init the library, you'll never have anything cached, since we only use in-memory cache.