I want to achieve never expiring login tokens/sessions - the user should login once and never have to login again!
After some research, I use the following code on my server: (see here)
Accounts.config({
loginExpirationInDays: null
});
The problem is, that according to my logs, the following error still shows up very frequently:
Error logging in with token: Error: Youve been logged out by the server. Please log in again. [403]
How can I achieve never-expiring sessions, what am I doing wrong? Unfortunately the users in my (B2B) market are usually very hesitant to login again, they often forget their passwords and so on.
Also any help on how to debug the actual causes of the tokens expiring are very welcome!
Sidenote: a new version of the app is releases usually every week, including the Cordova Mobile app. This might have something todo with the tokens expiring?
What prevents you from setting a large number like 365 for loginExpirationInDays? Do you think it’s reasonable to have them log in once in a year?
Also - if your users delete their localstorage when they close their browser (due to privacy settings) they basically have to login again. This would then be out of your control.
Maybe you go talk to your users and ask for alternatives, like second factor auth (pin via mobile phone) or passwordless logins via Magic Email links.
In our current setup we have multiple node processes connected to the same MongoDB, all running with the setting Accounts.config({ loginExpirationInDays: null }) but the problem does not go away.
It seems like all the users are logged out 3 months after their first login (the default value). What am I missing here? Can anyone help?
I really need this to work!
Sidenote: We do not use Cordova anymore but have a ReactNative App using Simple-DDP to login. Same problem persists here too.