Skip to content
This repository has been archived by the owner on Feb 24, 2021. It is now read-only.

Enable re-issue of JWT tokens with refreshTokens #53

Merged
merged 4 commits into from
Apr 23, 2018

Conversation

heysailor
Copy link
Contributor

No description provided.

@heysailor
Copy link
Contributor Author

Allows improving JWT security as discussed in #52

@heysailor
Copy link
Contributor Author

heysailor commented Apr 14, 2018

Handles the re-issue of expiring JWT tokens - helps fix #52

Adds:

  • GET auth/refresh which is called with valid JWT as an Authorization Bearer token, as is usual practice, produces a refreshToken for that user
  • POST auth/refresh which is called with a valid refreshToken in the request body, produces a new JWT token for that user
  • onRefreshRequest handler which allows block of the refresh request, ie blacklist checking
  • refreshTokenExpiry which sets the validity of the refreshToken.

@heysailor heysailor changed the title Enable expiration of JWT token Enable re-issue of JWT tokens with refreshTokens Apr 14, 2018
@nickredmark nickredmark merged commit ea1076c into nickredmark:master Apr 23, 2018
@nickredmark
Copy link
Owner

Awesome thanks!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants