Closed gassan closed 1 year ago
Tmeister
commented
1 year ago Sorry,
I don't know how this is helpful.
Could you provide a user story explaining how you will use it?
The token is supposed to have a short life, and you can increase that lifespan using hooks.
I think implementing a refresh token feature is better, yet that token will expire and some point, too.
atiqsamtia
commented
7 months ago This would be helpful in a scenario where another plugin or custom code in the theme wants to create a token for user based on some other conditions. For example in one of my use cases
When an order is created through checkout, it redirects to thankyou page with uniquely identifying orderKey. I want to login a user based on that orderKey so I find the user based on orderKey and call your plugin generate token instead of copying the whole implementation into my child theme.
This does not add any direct functionality to your plugin but it makes your plugin code to be reuseable in some other edge cases where WP_User object is present but username/password are not. Hope this makes sense.
$jwt = new Jwt_Auth_Public();
$token = $jwt->generate_token_for_user( $user );Can I send a pull request similar to this one and add this functionality?
it allows to generate token for a user without knowing his username and password. it allows to refresh an jwt token if client goes online again. Otherwise after 1 week (lifespan of a token) a user must be asked for a password again.