search

TripleParity / docks-api

RESTful API Server for Docks
https://tripleparity.github.io/docks-api/stack-api-spec.html
GNU General Public License v3.0
0 stars 0 forks source link

Add expiration field to JWT #45

Open egeldenhuys opened 6 years ago

egeldenhuys commented 6 years ago

See RFC 7519

Field name: exp Data: Unix time when the token expires

I can't find any sources recommending the lifetime, so lets use an arbitrary value of 1 hour. If this causes inconvenience we can extend the lifetime and introduce 2FA for privileged operations

JWT Schema

{
    "username": "fred",
    "iat": 1516239022,
    "exp": 1516240000
}