I know Blitz stores data in local storage, cookies & the DB for sessions, currently the only check for auth is if the user id is defined in I assume the cookie. But this may still mean that the actual session has expired for example.
#Is checking for userId inside a session sufficient to decide if a user is logged in?
worldly trail
small dock
I thought this was what calling .authorize() was for? on the blitzpage or maybe it was .authenticate() can’t remember
worldly trail
I thought this was what calling .authorize() was for? on the blitzpage or maybe ...
Correct, my point is more so if just that alone is enough to determine that a user is validly signed in
small dock
does the token itself not contain encoded expiration data?