how handle refresh token service in AWS amplify-js

Question

In my react project I am using AWS Cognito user pool for user management, for user authentication, I am using AWS Cognito idToken. after 90min the session will expire, then

Answer 1

Calling Auth.currentSession() should solve your problem. Amplify-js abstracts the refresh logic away from you.

Under the hood currentSession() gets the CognitoUser object, and invokes its class method called getSession(). It's this method, that does the following:

1. Get idToken, accessToken, refreshToken, and clockDrift from your storage.
2. Validate the tokens (i.e. idToken, and accessToken) to see if they have expired or not.
3. If tokens are valid, return current session.
4. If tokens are expired, invoke the refreshSession() method of the CognitoUser class, which communicates to the AWS Identity Provider to generate a new set of tokens.

All you have to do now is either:

1. Make sure to call Auth.currentSession() at regular intervals
2. Always call Auth.currentSession() to get your token for each http request that you make.

You could use a wrapper like this:

const getAccessJwtToken = async () => {
  // Auth.currentSession() checks if token is expired and refreshes with Cognito if needed automatically
  const session = await Auth.currentSession();
  return session.getAccessToken().getJwtToken();
};

Lastly, this github discussion also introduces a very good manual way to refresh your token and introduces a use case for when you should explore that option.