Remember Me on login (Xano)

Has anyone implemented “remember me” functionality on login with Xano? I have an idea of how to do it, but I was curious if anyone has already done this.

1 Like

Hi @lyricalsprite :wave:

Interesting use case. I haven’t explored it yet but I’m thinking you’ll want to do most of the heavy lifting in Xano to keep your app secure despite the longer auth time.

Just had a quick look at these topics online (here, here, and here)

What did you have in mind? Is there something specific you had doubts on?

1 Like

This would be really useful if its something we can implement. I have a PWA I build for a client and although the Auth token isnt set to expire for something wild like 6 months, myself and a few others stay logged in. Whereas lots of people on other devices such as Android seem to have to log into the PWA repeatedly to use it.

2 Likes

@Joyce I’m building an app where I expect users to close out and come back to it later. The user expectation is to not have to login every single time they visit.

@mark that’s similar to my use case. I’ve detailed the steps I’ve used below in case you want to try implementing something similar yourself.

I have implemented and tested a solution for this. I’ve detailed the necessary pieces below in case anyone else needs them.

Prerequisites

  • Use Xano auth/login with built-in Create Authentication Token (you can play with the expiration [seconds] to test this all)

Implementation

  1. Create ‘remember-me’ checkbox on login page
  2. Change your login form workflow to (after successful authentication) store the Xano auth token in local storage
  3. Create an app workflow (on app load before fetching collections) to check if the Xano auth token exists in local storage. If so, call Xano Auth built in functions Store Auth Token (with the token fetched from local storage) and then the Xano Fetch User function. ALSO create an error workflow to navigate the user back to the login page if a problem arises. (For tokens that are expired, the error will arise in Xano’s Fetch User function since the token you are using to try and fetch the current user is expired.)
  4. Create a page workflow for your login page (page loaded) to check if the user is already authenticated (use the built-in Xano auth variable for isAuthenticated). If true, redirect to somewhere that makes sense like a user dashboard.
  5. Create or modify your logout button so that it also clears your local storage of the remembered auth token
  6. Go into Xano and set your token expiration in your auth/login to be 2592000 (that’s 30 days in seconds)
  7. Be sure to test all of this yourself. You can set the Xano token expiration to something small like 300 (5 minutes) so you can easily test the full behavior.
  8. Profit💰

I’ve tested this all, and it seems to work fine, though there may be some room for improvement since I’m pretty new to WeWeb. :smiley_cat:

3 Likes

Really cool! Thanks so much for taking the time to share @lyricalsprite :slight_smile: Really appreciate it. Nice last step too :rofl::rofl:

Ah yes, I experienced something similar with a personal project. A user mentioned there was something specific to do for Android but I can’t remember what it was :grimacing: Let me see if I can dig that up for you

1 Like

Thanks! I’ll test it out!

Hello !
Anyone has any update on that topic ? :smiley:
I face the same use case as @lyricalsprite

Thanks!