Hi,
I think your issue might be related to what we call a "refresh token"[1]. Normally the tokens are renewed in the background of the code with the server and this is seamless for the user. When a session expires, the background code it suppose to keep track of that and ask for a refresh token from the server in order to reset slightly before the expiration of the session and continue seamlessly.
In this case, if you're clearing cache and restarting computer, you're also essentially clearing the session and asking for a new token but as part of a new handshake rather than a continued refresh token for the same session. Your flow might be missing the "refresh token" or something of equivalent. I don't think it will help to provide you best coding practices from Google because it's the DUO service/workflow that chooses how to renew those tokens and it's their ask on how to code it to make it fit their service. You should check their documentation. However, if it's a standardized workflow (whichever it is), you can look it up publicly.
Please keep in mind, I'm only going on a hunch for this refresh token hypothesis, due to little info and unsupported product, I am not sure. Hopefully this should unblock you. If no one else can help, please also try a DUO forum since it's related to their product. They must have best coding practices from their own service, depending on the technologies they use. Thank you.