OAuth tokens are expiring without being properly regenerated
Describe the bug
OAuth tokens are expiring without being properly regenerated.
How to reproduce
Using the latest release from the custom Fdroid repository, I'm having issues with the OAuth authentication. After a few days, it seems the application token expires silently. The application then fails for every request without an explicit message about authentication, the only way to tell is to watch the HTTP logs server-side.
As the application still thinks is is authenticated, I need to disconnect it, then redo the complete OAuth process to make it work again.
Something also seems to be wrong with the browser cache when I reauthenticate against the Funkwhale server. At first, I end up directly on the permission page without authentication and an error pops up when I try to accept.
What I need to do at this point is close the browser, re-enter the Funkwhale instance name a second time and the login process will then proceed normally.
The apps keeps a current and working OAuth token without user intervention past the first login.
The app credentials stop working after a few days.
- Device: Pixel 3a XL
- Android version: 11
- App version: 0.1.4-1-fd955bfc-fd955bfc 5a1f80e6f32ba84e8e9c1085cb (104001)
funkwhale-84d556bd97-tmm8k:api 2021-09-23 12:59:29,092 django.request WARNING Unauthorized: /api/v1/users/users/me/ funkwhale-84d556bd97-tmm8k:api 2021-09-23 12:59:29,057 django.request WARNING Bad Request: /api/v1/oauth/token/