This repository has been archived by the owner on May 7, 2021. It is now read-only.

BE: Extend user's session with refresh tokens #456

Open

3 tasks

ronaldheft-gov opened this issue Dec 2, 2020 · 0 comments

Open

3 tasks

BE: Extend user's session with refresh tokens #456

ronaldheft-gov opened this issue Dec 2, 2020 · 0 comments

Labels

backend needs grooming

Contributor

ronaldheft-gov commented Dec 2, 2020

The current session timeout is too low. User's should be able to extend their sessions beyond the default time via a JWT refresh token process.

Add a refresh token to the token payload
Implement a refresh token mutation to receive a new access token / refresh token combination
- This should validate the user is not disabled before handing out a new refresh token
Update the front-end to support the refresh token flow

ronaldheft-gov added backend needs grooming labels

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.