Refresh access token generates new refresh token with new expiration time

hagopj13 / node-express-boilerplate

A boilerplate for building production-ready RESTful APIs using Node.js, Express, and Mongoose

MIT License

7k stars 2.06k forks source link

Refresh access token generates new refresh token with new expiration time #142

Open davidpirates opened 3 years ago

davidpirates commented 3 years ago

Refresh access token generates new access and refresh token pair which is fine. New refresh token generates with a next +2 days from current time. which gives +2 more session days. So thing is if i generate access token on daily basis then user will not be ask for login again.

While generating a new token pair, Need to use same expiration time that old refresh token have.

jleei commented 2 years ago

It should only generate an access token, I added a function that generates the access token.