"This session has expired" 400309 error on sessions >1h

Sendbird Chat API/SDK JavaScript
1

Hi, it’s me again.

Sendbird version: 3.0.144
Setup: React SPA

Introduction: (repetition, but with different problem another issue)

  1. Session token with validity of 8h is created.
  2. User is connected for listening to various events.
  3. User might or might not interact in any way with channels/messages/etc after that.

Problem: After around 1h we get

{
 code: 400309,
 error: true,
 message: "This session has expired"
}

both on ws and later on any user interaction, like trying to fetch messages.

  1. Error is not included in documentation
  2. SDK does not have a way to refresh the client session. There is only a SessionHandler that allows to react to issues connected with session, however it is neither included in the documentation nor it is clear if that refers session token or “client session”.
interface SessionHandler {
    onSessionExpired(): void;
    onSessionTokenRequired(resolve: (accessToken: string) => void, reject: () => void): void;
    onSessionRefreshed(): void;
    onSessionError(err: SendBirdError): void;
    onSessionClosed(): void;
  }
  1. Manual reconnection does not solve the issue.

Is there any way to smoothly react in this scenario? Will disconnection/reconnection on onSessionExpired be the option?

I must admit that calling this “session” makes life difficult, because expiration of “client session” is not connected with longevity of “session token”.

Thanks for help in advance

2

@TKawik, are you using:

Screenshot 2021-03-23 at 10.10.47
Screenshot 2021-03-23 at 10.10.47885×240 37.6 KB

to issue session tokens?

If you define 8hs then it should be good for that time. Can you please provide more details (code snippet or Api call maybe) so we can investigate in case or error? Thanks!

3

@walter.rodriguez
Correct. Our backend is using update user endpoint for creating the session token. However following that session issue I assume there are two expirations possible. One is from the client (expiration of the session) and second is expiration of the session token.

Do you have maybe information how long the session can be ongoing with expired session token (see the other issue)? I assume that’s an issue for us, that the user continues using SDK, when the session token expired. However that’s hard to debug, because of having this implicit timeout that we cannot control.

4

@walter.rodriguez and anybody who is interested in the topic.

The session expiration happens in case of locking the device (laptop or phone) for longer than 30 minutes. If user comes back after that time to the tab in the browser, the session will be expired, regardless of session expiration token.

onSessionExpired event will be triggered in that case from SessionHandler so you can have your logic around it.

For building general logic around tab visibility and/or locking the device, please check stackoverflow issue.

Takeaways:

  • SDK does not include that event, however TypeScript types reflect the possibilities well.
  • it is also not mentioned in guide section.
  • naming is confusing, because you have “client session” and also “server session”, which is also not documented.
3 Likes