If you leave the login page opened in a tab and then come back say after few hours and fill in your details it doesn't allow you to login (even if you enter correct credentials). I understand that the csrf token gets expired and simply refreshing the page and submitting the login details again makes it work.
However, some of our users get annoyed with this experience (to have to enter login details twice).
What can I do to make it eliminate these expired token scenarios?
I have these in mind, To increase expiry of csrf token Maybe to add meta page refresh on Login page?
or do you have a better solution in mind?