Details
-
Improvement
-
Resolution: Fixed
-
Major
-
None
Description
I was testing custom authentication with a mobile client to uses continuous replication.
I’m using the SessionAuthenticator and passing in the session_id from Sync Gateway and can authenticate fine. What is unexpected is that continuous replication continues without any issues even after the session has expired on Sync Gateway. I am checking for errors in the replicator change listener but there are no errors. I was expecting to see a 401 after the session expired.
As per mobile-support Slack channel: For a 2.x continuous replication, the client only authenticates once (at the start of the replication). Sync Gateway doesn't currently do any periodic checks to see if the session that was originally used for authentication is still valid.
Need to update documentation at https://docs.couchbase.com/sync-gateway/current/authentication.html#custom-authentication to reflect that continuous replication will not detect session expiration but one-shot replication will detect when a session expires.