Refresh token being sent in each request?

adam-hanna / jwt-auth

This package provides json web token (jwt) middleware for goLang http servers

MIT License

231 stars 43 forks source link

Closed ernsheong closed 6 years ago

ernsheong commented 6 years ago

When using bearer tokens, you'll need to include the auth and refresh jwt's (along with your csrf secret) in each request.

The whole point of the auth token is so that we don't need to send the refresh token each time?

adam-hanna commented 6 years ago

Agreed. I just pushed a new version that makes them optional. Thanks for the feedback!