Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Don't expire tokens by default #18

Open
lserman opened this issue Mar 1, 2016 · 4 comments
Open

Don't expire tokens by default #18

lserman opened this issue Mar 1, 2016 · 4 comments

Comments

@lserman
Copy link
Contributor

lserman commented Mar 1, 2016

We should provide an API for cycling tokens instead of expiring them after 14 days.

@fbcouch
Copy link

fbcouch commented Mar 2, 2016

It would be nice to have something like google where you have a token for each session and you can expire them individually

@lserman
Copy link
Contributor Author

lserman commented Mar 2, 2016

What's the value in that, and how would that work?

@RileyMills
Copy link
Contributor

Value is you can track individual device sessions, so you know what was done by which device. As for implementing it, users could have_many session tokens, instead of just the one.

@lserman
Copy link
Contributor Author

lserman commented Mar 2, 2016

That would be sweet actually, then we can manage authentication tokens within an engine model instead of shimming authentication_token onto the existing user model. Let's do that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants