You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What is the improvement or update you wish to see?
The doc on refresh token rotation for JWT, doesn't work with the client side functionality as it doesn't put an error into the session.
If an error occurs, the session still remains authenticated albeit with an error message attached. This doesn't seem secure as a user can still see resources which require authentication. I believe the status should change to unauthenticated?
Is there any context that might help us understand?
N/A
Does the docs page already exist? Please link to it.
The text was updated successfully, but these errors were encountered:
deelo55
added
documentation
Relates to documentation
triage
Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime.
labels
Jun 9, 2024
What is the improvement or update you wish to see?
Is there any context that might help us understand?
N/A
Does the docs page already exist? Please link to it.
https://authjs.dev/guides/refresh-token-rotation
The text was updated successfully, but these errors were encountered: