Feature: Option to store auth and automatically reauthenticate

[CosmicHorrorDev]

Feature Request

• Expose functionality from the API
• Add extra functionality in the library
• Other:

Description

So this will likely apply to people who are creating interactive interfaces instead of scripts/extensions/plugins that will be run in a quick session, but it would be nice for an option to automatically re-authenticate with the API after a timeout (15 minutes). This could be a param on AuthSubwinder where if credentials are passed in as parameters then they are stored in some way or another, and nothing special has to be done for env vars. I think the easiest solution is to keep track of when the last request was and reauth if it's over the 15-minute limit. The more robust way would be to try the request, then automatically reauth if the API throws an auth error, then retry the request again. If there are consistently auth errors then the request should fail and bubble up the error instead of retrying forever.

[CosmicHorrorDev]

I would love to hear some extra input about this though since it is technically dealing with some potentially sensitive information. Granted these have to be passed into the library at some point in time and it should be a privileged action to see other program's memory, but I'd love to hear if anything should be done from a security stance.

[CosmicHorrorDev]

Currently testing to see how strictly the delay is enforced. Will post back later with results.

[CosmicHorrorDev]

So after a few days of testing limits. It looks like the session timing out happens much slower than the documented 15 minutes. Because the session seems much longer I'm not gonna stress too much about this, but I'll leave the issue open regardless in case people start running into problems.