Best place to check login expiration

I have a custom OAuth implementation and get a expiresAt Date from the OAuth server. I need to log the User out when the expiration has arrived and am wondering where would be the best place to check this. I can use the Accounts onLogin function but it could be that the user is logged in during this time.

I thought maybe a timeout function but do not know where I would need to put this to make it not heavy on the system. In older non reactive systems this would be done per request but due to the nature of things in Meteor I am not sure.

Has anyone done this before? Thanks for your input.

1 Like
const checkSessionExpired = (context, redirect) => {
  if (Meteor.userId()) {
    const user = Meteor.users.findOne(Meteor.userId());
    if (user) {
      const expirationData = (user && user.services && user.services.twentyFour) ?
        user.services.twentyFour : null;
      if (expirationData) {
        if (Users.getStaticHelpers().userAuthSessionExpired(expirationData.expiresAt)) {
          Meteor.logoutOtherClients();
          Meteor.logout();
          redirect('sessionExpiredRoute');
        }
      }
    }
  }
};

I ended up just doing a FlowRouter Trigger to check in case someone else wanted to know my solution. If anyone has a better idea please post it.