Overview
The global application authentication handling - login & logout and the context which is shared across the entire application.
Authentication process
The process is shown below. Login and Refreshing the token have much the same impact - in that a new token is returned and the auth cookie is updated with the new token, and the expiry of the token set to now+60 minutes.
Within the graphQL context, the last access time of any query is kept, and used as a proxy indication of active usage on the site. There is an exception for syncInfo which runs on a timer and therefore doesn't require user intervention, and refreshToken as this is also called from a timer.