Hugo site with GoTrue setCookie expires


I have very simple website with custom login using GoTrue. The routes are protected using roles as described in the documentation. All is working fine but I have notice, even so setCookie is true, the routes are blocked after few hours. GoTrue does seem to return the correct user account and therefore the user is still logged in as it seems. In order to access those protected routes, I have to logout and login first. It seems the token as expired but should currentUsers in that case not return anything?


Hi @nolafs,

JWTs are set to expire in 1 hour by default. The Netlify Identity Widget automatically refreshes the token when it’s expired, but when you’re using custom GoTrue implementation, you would have to refresh the token yourself.