I’m working in node.js due to upstream requirements, having trouble understanding the best way to handle OAUTH2. I know there are many here who may have solved this and to my dismay, I have the entire app working save this pesky auth issue.My application has no user interaction after initial account linking, it does not use a web browser.Once I have the initial token (and refresh token) is the strategy to just refresh the token when any subsequent API call is made? — What is best practice, do you manage the timeout and only request a new token when it’s nearing expiry, or just request a refresh every time you make an API call.To illustrate, Strava, https://developers.strava.com/docs/authentication/. as an example, provides tokens with 6 hour timeouts, pretty common.I’ve seen much of the info on the web and still have these questions so please don’t send me google links I’ve seen them. I presume I can use passport, lots of folks seem to, but I am not building a web app, so no need for express.If this is the correct strategy (refreshing with every call), I would be grateful to see some real production code that:A) executes the initial request and provides the access/refresh tokens (in node.js)B) makes the refresh token call which I can use when making API calls.How are you doing this in the wild?
Submitted March 02, 2019 at 03:59AM by Jacksonp2008
No comments:
Post a Comment