Handle Harvest auth token expiration.

[jgerigmeyer]

Pulling up a Trello board today, I noticed the reports weren't loading. Inspecting the XHR requests, I saw that all requests to Harvest were returning with 401 "token invalid or expired".

1. How long do the auth tokens to Harvest last? If they expire automatically, can we prevent that?
2. If not, can we handle expiration in a more robust way -- at the very least alerting the user?

[carljm]

Yeah, this needs to be handled better. The auth flow we are using is described at https://help.getharvest.com/api-v2/authentication-api/authentication/authentication/#for-client-side-applications so Harvest does give us the expiry time, we just currently aren't doing anything with it. At some point we need to just tell the user "you need to re-authorize, here's a link to do it." I kind of feel like regardless we should fall back to that whenever we see our API requests failing. Though I guess the ideal might be to also store the expiry time and if we notice it's coming up within a day (?), show a link to re-authorize along with the time data or something.

I don't see any way to extend or avoid the token expiration, which isn't surprising since ultimately it's a security concern for Harvest.

[jgerigmeyer]

I want to be prompted to re-auth when my Harvest auth token expires.