I am currently using firebase.auth().createUserWithEmailAndPassword(email, password)to authenticate users and use the JWT token from firebase.auth().currentUser.getToken(true)for API requests. However, Firebase invalidates the token after 1 hour. Therefore, I am wondering how can I update the token. Should I use my own custom token creation to properly use the token update?
I am currently using this, although I have tested it only once, but it seems to work.
firebase.auth().onAuthStateChanged(function () { // Refresh token here })
I read the documents over and over and did not see any mention of updating tokens for web applications. I also looked at examples of repositories for firebase and did not see anyone using onAuthStateChanged for something like this. So I'm wondering, is this the right approach for updating the token on the client side? The reason I think this is not the best approach is because it may have a race condition. For example, if a token expires and I send an API request with an old token before updating the token, then my API request will have an authorization failure for the token to expire.
This is very similar to the question in the Firebase DB HTTP Auth API: when and how to update the JWT token? , but slightly different in the sense that the question using Python does not mention onAuthStateChanged.
Thank!