You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Sep 11, 2024. It is now read-only.
On user login send a refresh token with expiry date to the client.
When the JWT is expired, the client can request a new JWT using stored refresh token without making user to login again.
@tuupola Wouldn't regenerating the token on each request mean that you could potentially end up with a lot of valid tokens that are not in use and hasn't expired? Say that my token has a lifespan of 15 minutes and that I make 10 requests to the server in 3 minutes. Not unrealistic I would think. If I regenerate the token on each request, then I would end up with 10 unexpired tokens, 9 of which are no longer being used.
Of course the server doesn't store the tokens, and I only store the latest token on the client, so I guess the only real issue is if the tokens were intercepted somehow.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Is there a way to auto bump up the expire date of a token on decode?
The text was updated successfully, but these errors were encountered: