Netlify identity widget with role based access

net-user · December 12, 2022, 9:02pm

If I understand this correctly, there is local storage for login with the netlify identity widget and a (session) cookie for storing the role.
Session cookie seems to last forever (on mobile devices).
However, the cookie expires after one hour.

After an hour, you are still logged in (log out is displayed as an option), but you cannot access the content anymore, because your role is not stored anymore.

Could you please change the code of the identity widget so that upon expiry of the cookie, the role is checked and you are automatically re-authenticated (if the user is still logged in)?

Thanks in advance!

amelia · December 13, 2022, 7:21pm

Hey @net-user , great suggestion! You can definitely file an issue on the Identity Widget repo with what you’ve described so that our engineering team can take this into consideration.

net-user · February 26, 2023, 12:47am

I just need to set [GOTRUE_JWT_EXP] (GitHub - netlify/gotrue: An SWT based API for managing users and issuing SWT tokens) to a different value.
Is this possible with environment variables (Environment variables overview | Netlify Docs)?
Otherwise, could your engineers please customize the widget accordingly, so that I do not have to start from scratch with gotrue?

Thanks in advance!

hrishikesh · February 26, 2023, 12:49pm

As mentioned above, please file an issue on the mentioned repo.

net-user · March 1, 2023, 9:17pm

I did in December
https://github.com/netlify/netlify-identity-widget/issues/540
but no answer yet.

I need this until May - the sooner the better.
Do you think, there will be a solution soon?
Otherwise, how do I customize it myself?

Thank you for your help!

hrishikesh · March 2, 2023, 3:22pm

I don’t expect it to be updated soon, but maybe you can work with an old piece of code that I had available used to handle token refreshes:

      const compareDate = () => {
        netlifyIdentity.gotrue.currentUser().jwt()
          .then(jwt => {
            const logInOut = () => {
              const d = Date.now()
              const exp = netlifyIdentity.gotrue.currentUser().token.expires_at;
              if (d > exp) {
                console.log("ERROR: Your identity session has expired and the token couldn't be refreshed!")
                netlifyIdentity.logout();
                netlifyIdentity.open();
              } else {
                console.log("SUCCESS: the token hasn't expired, yet and has been refreshed")
              }
            }
            setTimeout(logInOut, 1000)
          })

net-user · March 21, 2023, 11:21am

Thanks!

A possibility to set an environment variable (e.g. GOTRUE_JWT_EXP=3600*24*7) would be great.