We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The cookie expiration is hardcoded as '4 weeks' on JWT.pm, line 227
my %cookie = (value => $encoded, name => '_jwt', expires => "4 weeks", path => '/', http_only => 0);
It should be changed to use the actual exp claim from the JWT payload.
exp
The text was updated successfully, but these errors were encountered:
I propose the following patch
--- a/lib/Dancer2/Plugin/JWT.pm -- +++ b/lib/Dancer2/Plugin/JWT.pm @@ -224,7 +224,7 @@ on_plugin_import { relative_nbf => $need_nbf ); $response->headers->authorization($encoded); - my %cookie = (value => $encoded, name => '_jwt', expires => "4 weeks", path => '/', http_only => 0); + my %cookie = (value => $encoded, name => '_jwt', expires => time + $need_exp, path => '/', http_only => 0); $cookie{domain} = $cookie_domain if defined $cookie_domain; $response->push_header('Set-Cookie' => Dancer2::Core::Cookie->new(%cookie)->to_header());
since time provides the Unix-epoch and $need_exp is the number of seconds set via configuration.
time
$need_exp
Sorry, something went wrong.
Just a heads up. I have this already on my todo list, but busy in the last days. Will fix asap. Thanks for your help.
Merged. Will push commit and release in the next minutes. Thank you very much, sorry for the delay.
No branches or pull requests
The cookie expiration is hardcoded as '4 weeks' on JWT.pm, line 227
my %cookie = (value => $encoded, name => '_jwt', expires => "4 weeks", path => '/', http_only => 0);
It should be changed to use the actual
exp
claim from the JWT payload.The text was updated successfully, but these errors were encountered: