I’m reading through the updated documentation and noticed the explicitly defined rule about verifying access and authentication via OAuth with every page load. That makes perfect sense to me, and I agree.
However, the applications that I’ve been working on use twitch for authentication, and then create a persistent websocket connection to the server, which was a part of the OAuth handshake. That connection can last for days and transfer a considerable amount of data.
What would the right approach be in this case? Should I simply check in in the background periodically? What frequency of access is acceptable? Is there another solution?