The devise-api gem is a convenient way to add authentication to your Ruby on Rails application using the devise gem. It provides support for access tokens and refresh tokens, which allow you to authenticate API requests and keep the user's session active for a longer period of time on the client side
MIT License
152
stars
22
forks
source link
Does token refresh work when the access token has expired? #12
Hi, I begin to use devise-api and I found it a great gem, thanks.
However, I do not understand how the refresh token works.
My configuration is like suggested, but I do not see any reference for refresh_token expiration: api.refresh_token.expires_in seems be the api.access_token.expires_in to me.
Hi, I begin to use devise-api and I found it a great gem, thanks.
However, I do not understand how the refresh token works.
My configuration is like suggested, but I do not see any reference for refresh_token expiration:
api.refresh_token.expires_in
seems be theapi.access_token.expires_in
to me.Thus, to test it, I decrese the access_token expiration to 5 seconds, and it got the record at database in the table
devise_api_tokens
However, when I go to refresh this token , I got "token has expired":
Finally, It seems to be get the same reference of token expiration than access token. But on your code I found this reference :
And now , I am lost. Could someone help me, please?