Auth Adapters could check for expired / invalid authentication when making a request

[SebC99]

I thought the RestWrite controller would check user's authentication data for each received request, but apparently it's not, and the validateAuthData method is rarely called (only when the server detect a mutation in the authData passed in the request)

So in a case where a Facebook token expires for a user, as the validateAuthData method is not called, the user is still seen as authenticated for Parse-Server.
It would be nice to have a way to reject the request with an authProvider specific error.

[flovilmart]

THIs is by design. Facebook tokens are short lived. If each time a user is saved we’d validate the authData, then 1: it would be ineffective, 2: users would get locked out of their account.

If you have another design in mind, feel feee to open a PR.

[SebC99]

If this is by design, why do we save the token? Then it's useless, no?
Fb token aren't short lived on iOS or Android, but only on web, and parse fb adapter could convert it to long lived.
It seems weird to delegate the authentication to an authentication provider while not checking for the authentication validity after the first login. 🤔

[flovilmart]

Again, this project is open source, feel free to open a pull request.