Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refresh tokens #75

Closed
silverbackdan opened this issue May 13, 2020 · 0 comments · Fixed by #83
Closed

Refresh tokens #75

silverbackdan opened this issue May 13, 2020 · 0 comments · Fixed by #83
Projects
Version 2
Milestone
v2 alpha

Comments

@silverbackdan
Copy link
Collaborator

silverbackdan commented May 13, 2020
edited
Loading

We should implement best practices with refresh tokens, no exposing them to the end user and securely regenerating new JWT tokens. Invalidate refresh tokens once used and create a new one, and remove on logout.
@silverbackdan silverbackdan added this to the v2 alpha milestone May 13, 2020
@silverbackdan silverbackdan mentioned this issue May 20, 2020
Merged
18 tasks
@silverbackdan silverbackdan changed the title Logout extension to delete refresh token Refresh tokens May 22, 2020
@silverbackdan silverbackdan added this to In Discussion in Version 2 May 22, 2020
@silverbackdan silverbackdan linked a pull request May 29, 2020 that will close this issue
Refresh token #83
Merged
Version 2 automation moved this from In Discussion to Done May 29, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Version 2
  
Done
Milestone
v2 alpha
Development

Successfully merging a pull request may close this issue.

Refresh token vincentchalamon/ApiComponentBundle
1 participant
@silverbackdan