How to debug Pow persistent session issue

Hi all, sorry if this is a vague question. I have a Phoenix API set up with Pow, with the PowPersistentSession extension enabled (using mnesia). This is an API backend with a React app as the frontend. I was serving the React frontend at localhost:3000 and the Phoenix backend at localhost:4000. Since I plan to serve both the React & Phoenix apps through the same domain in production, I’m using cookie authentication.

Now the weird thing is, the persistent session gets dropped (i.e. Pow.Plug.RequireAuthenticated rejects my cookie) sometime in like less than an hour. Basically the frontend will just get logged out randomly. However, when I manually tested it, the session could indeed survive a backend server & frontend server restart.

I’m kinda lost how to debug this issue since. Could it be due to the frontend & backend being served on different ports or something…?

Here is some relevant config code:

# config.exs
# Configure Pow
config :myapp, :pow,
  user: MyApp.Users.User,
  repo: MyApp.Repo,
  web_module: MyAppWeb,
  extensions: [PowPersistentSession],
  controller_callbacks: Pow.Extension.Phoenix.ControllerCallbacks,
  cache_store_backend: Pow.Store.Backend.MnesiaCache

# endpoint.ex
  plug Plug.Session, @session_options
  plug Pow.Plug.Session, otp_app: :myapp
  plug PowPersistentSession.Plug.Cookie
  plug MyAppWeb.Router

# router.ex
  pipeline :api do
    plug :accepts, ["json"]

  pipeline :protected do
    plug Pow.Plug.RequireAuthenticated, error_handler: MyAppWeb.AuthErrorHandler


  scope "/api", MyAppWeb do
    pipe_through [:api, :protected]

   # GET /session is the path that I get 401 back from
    resources "/session", SessionController, only: [:show, :delete], singleton: true

    resources "/clients", ClientController, only: [:index, :create, :show]

I’ve also added :mnesia to extra_applications in mix.exs and Pow.Store.Backend.MnesiaCache to the supervision tree.

Ever figure out the answer? I’m running into the same problem.