We are building an server-client application. For authentication we are using JWT at the moment, but that isn't a must and could easily be replaced by something else.
The Client App (Android and iOS) has to be offline capable. That is a must-have! And a second requirement is, that the user on that app might change. Par example the smartphone is placed in a car and the employee driving that car changes from day to day.
So, Situation now could be: Client App does things which have to be transferred to the server, but smartphone has no mobile connection. Data can't be transferred to the server at the moment. User A turns off phone and leaves it behind. Next day a different user B logs in. In the meantime over the night the token of user A expired. How do we get the data of user A, which still hast to be synchronized to the server, but also ensuring proper security.
Are there best practices to do such a thing?