Description
I would like to set the session lifetime for the client to 6 hours. And if the user logged in and did not take any action during this time, then log out him and redirect him to the login page. But if the user has been making requests to the server with a valid token for 6 hours, I would like to update this token and start the token lifetime again.
If I follow the instructions according to the firebase session cookies documentation found here https://firebase.google.com/docs/auth/admin/manage-cookies?hl=en
I can generate the session token on the server in exchange for a idToken and return the session ID to the client as a cookie. And after that we only use the session token between client and server as cookie, We can also check if the session has expired using verifySessionCookie.
but i can't figure out a way of refreshing the session cookie without telling the user to sign in again.
could you help me understand how this can be implemented?