Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set default issued at time #307

Closed
derosm2 opened this issue Apr 29, 2019 · 2 comments
Closed

Set default issued at time #307

derosm2 opened this issue Apr 29, 2019 · 2 comments
Labels
discussion

Comments

@derosm2
Copy link

derosm2 commented Apr 29, 2019

Seems like there should be consistency between the different JWT gems/packages. The node package will generate an iat by default, while this gem does not.

From node-jsonwebtoken

Generated jwts will include an iat (issued at) claim by default unless noTimestamp is specified.
@hesalx
Copy link

hesalx commented Sep 10, 2019

I always thought of the standard as trying to make the token as small as possible by default. The claims are left for per-case basis and their usefullness highly depends on each partocilar use case.

The majority of my use cases didn't need to know the age or creation time of the token (iat) but the expiration time (some tokens were just exp value with a signature).

I personally don't like the idea to deviate from the standard just because other did that. Though it's up to the maintainers of the gem.

@anakinj
Copy link
Member

anakinj commented Sep 3, 2022

I have the urge to close this issue. I feel that the library should not take any decisions on behalf of the users and assume everyone wants something optional.

@anakinj anakinj closed this as completed Feb 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@excpt @anakinj @derosm2 @hesalx