Replies: 1 comment
-
I've added it to the roadmap to consider adding the |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
Related to #2458 - if we store the OAuth access token ourselves, we don't know how long it is valid for.
The OAuth2.Token has an Expiry field, perhaps this could be added to the Pocketbase AuthUser struct and the corresponding OAuth providers.
If that sounds sensible, I would be happy to add that in and send a PR. Right now I am only using the Github provider, so can easily test with that, but not sure about the others. I could also submit a PR updating just Github, and someone else can fill in the other providers as they are being updated / tested.
Another thought is to tie the Pocketbase JWT expiry to the access token expiry, but I imagine that might not be desirable for all cases. Maybe as a configurable option for OAuth collections? That would be a bigger / separate feature though.
For what it's worth. Github has a fixed 8h token expiry which makes this issue less urgent for my case. However, it would still be good to parameterize the expiry whenever possible, so we can properly manage refreshing as necessary.
Beta Was this translation helpful? Give feedback.
All reactions