Sahil1786 / Petari

Food donate Web App
Other
56 stars 111 forks source link

Feature:Access Token & Refresh Token #205

Open Vinaysohaliya opened 4 months ago

Vinaysohaliya commented 4 months ago

Is your feature request related to a problem? Please describe. i want to add access token and Refresh token because I'm was very frusted when web/app tell me login again and again

Describe the solution you'd like I would like to implement a system that uses access tokens and refresh tokens to manage user authentication. The solution should:

=>Generate Access Tokens: Upon successful login, an access token should be issued with a short expiration time (e.g., 15 minutes). =>Generate Refresh Tokens: Along with the access token, a refresh token should be issued with a longer expiration time (e.g., 7 days). =>Automatic Token Refresh: The client application should automatically use the refresh token to obtain a new access token when the current one expires, without requiring the user to log in again. =>Secure Storage: Tokens should be securely stored in the client (e.g., HttpOnly cookies or secure storage mechanisms). =>Token Revocation: Implement a mechanism to revoke refresh tokens upon user logout or other security events.

Describe alternatives you've considered =>Persistent Login Sessions: Using long-lived access tokens. However, this increases the security risk if the token is compromised, as there is no mechanism to refresh or revoke the token easily.

Additional context =>Problem to Solve: This feature aims to solve the problem of frequent user logouts, which can be frustrating and disruptive to the user experience.

kidly assign into me under GSSOC 24

github-actions[bot] commented 4 months ago

Congratulations, @Vinaysohaliya! 🎉 Thank you for creating your issue. Your contribution is greatly appreciated and we look forward to working with you to resolve the issue. Keep up the great work!

We will promptly review your changes and offer feedback. Keep up the excellent work! Kindly remember to check our contributing guidelines