This PR introduces the expiration times and activation codes for app tokens according to this RFC. These changes is fully backward-compatible, so it is possible to update server without waiting for the client changes.
This PR also fixes the realtime authorization problem described here. Every 5 minutes the special periodic job re-authorizes all active realtime connections. If some token appears to be expired or inactivated by owner, this connection becames unauthorized.
This PR introduces the expiration times and activation codes for app tokens according to this RFC. These changes is fully backward-compatible, so it is possible to update server without waiting for the client changes.
This PR also fixes the realtime authorization problem described here. Every 5 minutes the special periodic job re-authorizes all active realtime connections. If some token appears to be expired or inactivated by owner, this connection becames unauthorized.