[DEPR]: Remove JWT_AUTH_REFRESH_COOKIE

[robrap]

Proposal Date

2023-04-12

Target Ticket Acceptance Date

2023-06-15

Earliest Open edX Named Release Without This Functionality

Quince - 2023-10

Rationale

The setting JWT_AUTH_REFRESH_COOKIE is meaningless and unused, and should be cleaned up to avoid confusion.

In the very early days of introducing MFEs, we thought we were going to need this cookie in addition to the JWT cookie. However, it turned out we didn't need it, but the setting stuck around the contagion of it (being in cookiecutter and other template libraries) has resulted in it uselessly being copied to many repos.

Removal

The setting JWT_AUTH_REFRESH_COOKIE can simply be removed with no ramifications.

Replacement

No replacement needed.

Deprecation

No response

Migration

No response

Additional Info

• See openedx org occurrences: https://github.com/search?q=org%3Aopenedx+JWT_AUTH_REFRESH_COOKIE&type=code

[Yagnesh1998]

@dianakhuang https://github.com/openedx/edx-platform/pull/32664 This pull request all tests passed successfully

[robrap]

[inform] I moved the edx org work to a separate ticket that would not block this DEPR: https://github.com/edx/edx-arch-experiments/issues/353.

[robrap]

@Yagnesh1998: If you could start by removing this from openedx/configuration. See https://github.com/search?q=repo%3Aopenedx%2Fconfiguration+JWT_AUTH_REFRESH_COOKIE&type=code. Once this is done, you can fix other repos. Thank you.

[Yagnesh1998]

assign me

[lokidil]

anyone is working on this ? is this closed ?

[Yagnesh1998]

@lokidil I'm working on it. Thanks.

[robrap]

Although there are still edx repos to complete, the openedx repos are complete and I am marking this as closed. Thank you @Yagnesh1998.