Users install our app as a PWA on their mobile devices. One common pattern is they’ll login, use the app for a while, and then navigate away from the app (e.g., by using some other app on their phone). When they reopen it, they are often redirected back to the login screen as opposed to the view they left.
We’re logging session terminations using SessionDestroyListener
and confirmed that their sessions haven’t actually terminated. As further evidence, the same behavior sometimes happen in Chrome, but if they manually change the path from \login
to \somepage
, they do indeed continue their session without re-authenticating, but this isn’t doable in a PWA, of course, leading to user frustration.
This behavior is intermittent (the worst kind of bug).
Some relevant config:
server.servlet.session.timeout=72h
spring.session.timeout=86400
App is hosted on AWS ECS/Fargate as a Docker container, fronted by a load-balancer.
Any ideas on what we might be doing wrong, or things we can do to improve the situation?