Remember Me functionality

Remember me functionality

Frontend

When clicking "remember me" the refresh-token retrived from the backend is stored in local storage. 
And on application startup the application checks if that refresh token is still valid (on the backend) - and uses this to get a new access-token - and automatically log-in the user.

Backend

New table has been created: Users.tUserRefreshTokens which now contains all the refresh-tokens issued. 3 procedures have been created to CRUD operations on this table.
Before this table the refresh-tokens were stored in-memory on the server, which means that a recycle of the app-pool will log-out all users, when their access-token expires.
A caching mecanism is implemented in the token-manager, so it won't ask the database all the time. Cache timeout is set to 5 minutes.

Content on this page:

The information on this page is based on Link 2.12