I have been pulling my hair out trying to get Cognito to work in my Web App. I am using AWS API Gateway to retrieve data from DynamoDB and using Cognito to authenitcate users for access to the API Gateway.
It works fine until apparently the ID token expires (an hour). Then, I get a bogus "Cross-Origin Request Blocked" when calling the API Gateway. I say bogus, because CORS is enabled (and it works fine after initial sign-in), but it appears the ID token is expired so it throws that error (not sure why).
Before I do the call to the API Gateway, I do the following in my code:
const cognitoUser = await Auth.currentAuthenticatedUser()
if (cognitoUser) {
const currentSession = await Auth.currentSession(cognitoUser)
console.log("currentSession")
console.log(currentSession.getIdToken().jwtToken)
appDispatch({ type: "saveSession", data: currentSession.getIdToken().jwtToken })
} else {
console.log("no user")
}
I am using the jwtToken in my Axios headers when calling the API gateway. As I said, it works fine immediately following the sign-in and for a while until an hour passes and it appears the ID token expires. Not sure what else to do to get the tokens refreshed.
Everything I read says that calling the currentSession will refresh the tokens, but that is not what I am experiencing.
Is there something else I should be doing? Has anyone else seen this?
Thanks.