With msal.js library (The Microsoft Authentication Library), which is the way to know if a given user is already logged in? My intention is to avoid to show login pop-up if the user's credentials are already saved in browser's storage
My current approach:
function isUserLoggedIn(username) {
const agent = msal.UserAgentApplication(...);
const user = agent.getUser();
return user != null && user.displayableId === username);
}
But I'm not sure if I have to check if the user credentials are outdated/expired. Which is the proper way to go?
With the MSAL agent instance, you can get user information because it is cached. Getting information (such as the userId) doesn't mean that the user's credentials are still valid (logged in). To be 100% sure that the user is logged in, ask for a token
const promise = agent.acquireTokenSilent(...)
If the user is not logged in, the promise will be rejected with the error code user_login_error If, on the other hand, the user is still logged in, the promise will be resolved