I have an app – Ionic 3.20.0, Angular 5.2.10 – which uses JWT for authentication (via angular-jwt 1.1.0) against my web server. Everything works fine unless my app is idle for more than a couple of hours. Then when I try to access a page that requires authentication I get a 401 back from my server.
What’s strange to me is that on Android everything works fine. I can stay logged in for several days at a time. In fact, I don’t recall ever being bumped from a session on Android in the two months since I created the app.
At first I thought it was an issue with Ionic storage perhaps not actually committing my token to the database. So I switched to Native Storage and still got the same problem. So then I changed the way angular-jwt gets my token. I initially had my tokenGetter function pulling from storage via:
return storage.get('accessToken'); but I changed things around so that the token is just a variable/property on my Auth service. So now my tokenGetter does:
return auth.token; But I still get the same results.
I’m continuing to try to debug this but it seems like my app is just in a weird state when I come back to it after it’s been idle for a couple of hours. Almost like some of the variables and/or objects are trashed. I’m wondering if anybody has seen such a difference in behavior between Android and iOS with regard to session management. Any input would be greatly appreciated.