FastAPI Web App with authentication Refresh Token

[CodeConfusion]

Hello,

I recently ran across your blog,
How to create a FastAPI Web App with authentication.
First,
Thanks for writing the blog, it really got me going on my own project.

Secondly,

I would like to get your thoughts on how you would refresh the cookie / token while the user was active?

Thanks,

Dennis Migut (CodeConfusion)

[SamEdwardes]

Hi Dennis,

Thanks for the message. For future readers, here is the blog post: https://samedwardes.com/2022/04/14/fastapi-webapp-with-auth

I would like to get your thoughts on how you would refresh the cookie / token while the user was active?

I have not dug into this topic. My current approach is to ignore it... After the token expires, the user will be forced to log in again. In the blog post, this is how the token is created:

import datetime as dt
from jose import jwt

def create_access_token(data: Dict) -> str:
    to_encode = data.copy()
    expire = dt.datetime.utcnow() + dt.timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
    to_encode.update({"exp": expire})
    encoded_jwt = jwt.encode(
        to_encode, 
        settings.SECRET_KEY, 
        algorithm=settings.ALGORITHM
    )
    return encoded_jwt

The token will expire based on settings.ACCESS_TOKEN_EXPIRE_MINUTES.

I am curious: What is your desired approach for handling this, not from a code implementation perspective but from a user experience perspective?