Multiplied-By-One / MBOne-Backend

Backend of Multiplied By One Web App
MIT License

Implement refresh token functionality #5

Closed ryanolee closed 3 years ago

ryanolee commented 3 years ago

Problem

The application should have the ability to regenerate JWT tokens generated by the app (see https://auth0.com/docs/tokens/refresh-tokens/get-refresh-tokens). Currently, users are logged out every 24 hours due to the JWT they have expiring.

Possible solutions

Adding a library like https://www.npmjs.com/package/passport-oauth2-refresh to expose a new endpoint where refresh tokens can be rotated, and in doing so a new authentication token can be granted. In the context of the application, this would result in us having sliding sessions, meaning that as long as a user is not inactive for longer than a set timeout, they will maintain access to the bulk of the API.
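The rotation and sliding-session behaviour described in this comment, as an added example that is not part of the original issue or the project's code. It uses only Node's built-in `crypto` rather than the library linked above; the in-memory store, the TTL values and every function name are assumptions made for illustration.

```javascript
// Added example: refresh-token rotation with a sliding inactivity window.
// Assumptions: in-memory store, HS256 via node:crypto, constructed TTL values.
const crypto = require('node:crypto');

const ACCESS_TTL_MS = 15 * 60 * 1000;            // short-lived access token
const IDLE_TIMEOUT_MS = 7 * 24 * 3600 * 1000;    // session dies after this much inactivity
const SECRET = crypto.randomBytes(32);           // demo signing key, per process
const sessions = new Map();                      // sha256(refresh token) -> { userId, expiresAt }

const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const sha256 = (s) => crypto.createHash('sha256').update(s).digest('hex');
const hmac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

function signAccessToken(userId, now) {
  const exp = Math.floor((now + ACCESS_TTL_MS) / 1000);
  const body = `${b64({ alg: 'HS256', typ: 'JWT' })}.${b64({ sub: userId, exp })}`;
  return `${body}.${hmac(body).toString('base64url')}`;
}

function verifyAccessToken(token, now = Date.now()) {
  const [header, payload, sig] = String(token).split('.');
  if (!header || !payload || !sig) return null;
  const given = Buffer.from(sig, 'base64url');
  const expected = hmac(`${header}.${payload}`);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
  return claims.exp * 1000 > now ? claims : null;
}

function issueTokens(userId, now = Date.now()) {
  const refreshToken = crypto.randomBytes(32).toString('base64url');
  // Only a hash of the refresh token is stored, so a leaked store cannot be replayed.
  sessions.set(sha256(refreshToken), { userId, expiresAt: now + IDLE_TIMEOUT_MS });
  return { accessToken: signAccessToken(userId, now), refreshToken };
}

function refresh(refreshToken, now = Date.now()) {
  const key = sha256(String(refreshToken));
  const session = sessions.get(key);
  sessions.delete(key);                          // single use: the old token dies on any attempt
  if (!session || now > session.expiresAt) return null;
  return issueTokens(session.userId, now);       // new pair, inactivity window restarts here
}
```

Each successful `refresh` call moves the expiry forward by `IDLE_TIMEOUT_MS`, which gives the sliding session; a refresh token presented a second time returns `null` and the client has to log in again.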

tsukimi2 commented 3 years ago

@ryanolee I'll have a try at this issue. ^_^

ryanolee commented 3 years ago

Great to hear. Let me know if you need any help with it @tsukimi2 👍

tsukimi2 commented 3 years ago

Associated pull request mentioned above has been closed already with successful code merge. Closing this issue.