Skip to content

Add JWT token refresh endpoint #5195

New issue
New issue
Closed
Closed
Add JWT token refresh endpoint#5195
Assignees
tiagoapolo
Labels
apiIssue related to the REST API
@khvn26

Description

@khvn26
khvn26
opened on Mar 6, 2025
  1. Expose rest_framework_simplejwt.views.TokenRefreshView. Subclass it so it sets an cookie in lieu with current auth views (see authorise_response for implementation).
  2. Extend authorise_response to set both access and refresh tokens.
  3. We'll probably need to change the SIMPLE_JWT["AUTH_TOKEN_CLASSES"] setting and switch from SlidingToken to AccessToken.
  4. Make the default token lifetime significantly shorter, as they won't be invalidated anymore.
  5. Refresh tokens should be invalidated on logout and password change.

Refer to simplejwt documentation in order to perform the above.

Metadata

Metadata

Assignees

Labels

apiIssue related to the REST API

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions