Hilla Documentation

Hilla Documentation

Handling Session Expiration

How to detect session expiration, for example to show a login view to the user.

Use the built-in middleware InvalidSessionMiddleWare to detect session expiration. For example, you could use this to show a login view to the user.

How to Use the InvalidSessionMiddleWare

InvalidSessionMiddleWare requires OnInvalidSessionCallback as a constructor parameter. OnInvalidSessionCallback is a function that takes no parameters and should return a promise of LoginResult. LoginResult contains the metadata of a login result, including:

error

Indicates whether the login attempt has failed.

token

In the event of a successful login, this is the cross-site request forgery (CSRF) prevention token, which can be extracted from the index.html page. See CSRF Protection of Hilla Endpoints for more information.

errorTitle

A short text describing a login error.

errorMessage

A more detailed explanation of the login error.

Example using InvalidSessionMiddleWare
import { ConnectClient, InvalidSessionMiddleware } from '@hilla/frontend';
import { setSessionExpired } from '../auth';
const client = new ConnectClient({
  prefix: 'connect',
  middlewares: [
    new InvalidSessionMiddleware(async () => {
      setSessionExpired();
      const { LoginView } = await import('./login-overlay');
      return LoginView.showOverlay();
    }),
  ],
});
export default client;