I am using NestJS with the passport-jwt Strategy and have set ignoreExpiration to false. However, is it possible to set it to true only for the JWT refresh endpoint? I thought of adding a custom annotation/decorator (@JWTIgnoreExpiration()) to my refresh endpoint, but I don't know how I can address ignoreExpiration then. Is this possible with passport-jwt?
Alternative would be to set ignoreExpiration to true and check it manually in a NestJS guard, however then I had to check the iat and exp by hand and not by the official jwtService.verify function.
I found a workaround: Add two passport-jwt strategies, one with ignoreExpiration true and one with false and then use the correct one on the refresh route using @UseGuards()
I am using NestJS with the passport-jwt Strategy and have set
ignoreExpiration
tofalse
. However, is it possible to set it totrue
only for the JWT refresh endpoint? I thought of adding a custom annotation/decorator (@JWTIgnoreExpiration()
) to my refresh endpoint, but I don't know how I can addressignoreExpiration
then. Is this possible with passport-jwt?Alternative would be to set
ignoreExpiration
totrue
and check it manually in a NestJS guard, however then I had to check the iat and exp by hand and not by the official jwtService.verify function.