In the previous article I’ve built the authentication functionality. It outputs the previously mentioned Auth Token: a token that allows the client to call protected API in a safe way.
But, as I said, a new problem arises:
The user must be able to continue with their session without providing login credentials every few minutes.
Refresh the token The easiest method to implement the refreshing of the auth token is… Using the current and valid auth token to request a new one.