Automatically Prolong JWT Token #251

okyksl · 2018-11-09T15:39:27Z

We have to automatically prolong JWT token whenever it is close to expiration time. Here is a related discussion I found on stackoverflow.

srknzl · 2018-11-09T18:58:48Z

Yes I am reading it. And we can do this I think :

A good pattern is to refresh the token before it expires.

Set the token expiration to one week and refresh the token every time the user open the web application and every one hour. If a user doesn't open the application for more than a week, they will have to login again and this is acceptable web application UX.

To refresh the token your API needs a new endpoint that receives a valid, not expired JWT and returns the same signed JWT with the new expiration field. Then the web application will store the token somewhere.

srknzl · 2018-11-10T16:21:16Z

This is done , close ?

okyksl · 2018-11-10T21:50:57Z

Nope, it's not handled.

okyksl added Type: Enhancement Priority: Low Platform: Frontend Platform: Backend labels Nov 9, 2018

okyksl added this to the Milestone #13 - Full Product milestone Nov 14, 2018

okyksl assigned akaogluozgur Nov 14, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Automatically Prolong JWT Token #251

Automatically Prolong JWT Token #251

okyksl commented Nov 9, 2018

srknzl commented Nov 9, 2018 •

edited

Loading

srknzl commented Nov 10, 2018

okyksl commented Nov 10, 2018

Automatically Prolong JWT Token #251

Automatically Prolong JWT Token #251

Comments

okyksl commented Nov 9, 2018

srknzl commented Nov 9, 2018 • edited Loading

srknzl commented Nov 10, 2018

okyksl commented Nov 10, 2018

srknzl commented Nov 9, 2018 •

edited

Loading