Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JWT auth needs to have refreshToken to keep access_token ttl short #8

Open
3 of 5 tasks
pbalan opened this issue Jul 3, 2022 · 0 comments
Open
3 of 5 tasks

JWT auth needs to have refreshToken to keep access_token ttl short #8

pbalan opened this issue Jul 3, 2022 · 0 comments
Assignees
@pbalan
Labels
enhancement New feature or request

Comments

@pbalan
Copy link
Owner

pbalan commented Jul 3, 2022
edited
Loading

Improvements to JWT authentication

  • Implement Refresh tokens to keep access_token ttl short (15 mins)
  • Refresh token ttl longer up to 1 day
  • Store refresh token on database to verify validity
    • Refresh token persistence will also allow user to leave the application and resume
    • Or logout upon which expiry time can be altered
@pbalan pbalan self-assigned this Jul 3, 2022
@pbalan pbalan added the enhancement New feature or request label Jul 3, 2022
pbalan pushed a commit that referenced this issue Jul 3, 2022
#8 add refresh tokens and store them on database
718ce06
@pbalan pbalan mentioned this issue Jul 3, 2022
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pbalan pbalan

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pbalan