New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JWT-Refresh purpose? #125
Comments
Hi @g-w, |
Thanks for the fast reply. 10min is way too intimidating for my web app users, I guess asking for user/pass for inactivity oh 24h is more acceptable. This is such a wonderful project. Probably I may add some MongoDB persistence for user/pass/claims, if such functionality is accepted. |
Hi @Dragomir-Ivanov a persistance for user/pass/claims would of course be useful, but I would not include it in this project. It should live in a separate service. |
Hi @smancke , no problem. Any advice how we should connect It would be superb, if |
Hi @Dragomir-Ivanov, |
Thank a ton. Will take a look. |
What is the purpose of JWT-Refresh? When I set
-jwt-refreshes=5
,loginsrv
allows me to refresh a token,but only if it is alreadyvalid
i.e. NOT Expired. What is the purpose of refreshing still valid token? I would assume, Refresh should refresh already expired tokens, without asking for user/pass.Any advice appreciated, thanks!
The text was updated successfully, but these errors were encountered: