Cookie expiration and re-auth dead end.

[mkromann]

Overview/summary

We have multiple custom non-embedded apps. We are often struggling to keep devices logged in and feel we have to excessively re-auth. The auth cookie expires on session end. Another issue, is that we often find ourselves in auth dead-ends, and the user have to navigate through the Shopify interface to re-auth, as the device have no idea which shop the app belongs to. I feel like this is inconsistent for us, as I think you save shop in a cookie as well and make a redirect? However, for some devices this does not seem to work as expected?

Scenarios:
We have a dashboard app that is hung on the wall in our stores. These devices are automatically put in sleep mode depending on time of day, vacations, etc. When they wake up, they are programmed to show the dashboard again. However, at this point the device will have to re-auth as the auth-session ended when the device slept.

We are using the remix template but I believe this is the correct place for this issue? I am not really comfortable in auth, so just reporting the issues we face.

[lizkenyon]

Hi there 👋

Thank you for the flag. Will bring this to the team to review.