I have a problem with the refresh token flow.
The problem is that refreshing a token by default, if the blacklist is enabled, invalidates the current token and generates a new one.
On the other hand, if the blacklist is disabled there is no way to invalidate the token.
I have a situation where the client app in Angular has multiple async calls. At one moment the token is expired and the client sends a request to refresh the token. But in some situations there are 2 or more async requests sent to refresh the token.
The first request passes OK. The next one fails.
I would like to have the possibility to choose whether the token should be invalidated, and then on the backend side I can put those tokens in a delayed queue to invalidate them.
I do not know how to overcome this problem. Of course I do not want to leave the token valid after refresh. And the app is such that there are multiple async calls. And each call, if it fails due to a token expired exception, will try to refresh the token.
Of course, invalidation after a given period of time would be ideal :)
This is a snippet from my composer.json:
"tymon/jwt-auth": "dev-develop"
Simply set the JWT_BLACKLIST_GRACE_PERIOD in the config to something like 60 (seconds)
https://github.com/tymondesigns/jwt-auth/blob/develop/config/config.php#L188-L201
If you look at the config file you will see the "blacklist_grace_period" parameter, which you can set to a non-zero number as the grace time in seconds after which a token is blacklisted.
On 22 Apr 2017, 2:40 AM +0500, Dragan Mijatovic notifications@github.com, wrote:
> I have a problem with the refresh token flow.
> The problem is that refreshing a token by default, if the blacklist is enabled, invalidates the current token and generates a new one.
> On the other hand, if the blacklist is disabled there is no way to invalidate the token.
> I have a situation where the client SAP app in Angular has multiple async calls. At one moment the token is expired and the client sends a request to refresh the token. But in some situations there are 2 or more async requests sent to refresh the token.
> The first request passes OK. The next one fails.
> I would like to have the possibility to choose whether the token should be invalidated, and then on the backend side I can put those tokens in a delayed queue to invalidate them.
> I do not know how to overcome this problem. Of course I do not want to leave the token valid after refresh. And the app is such that there are multiple async calls. And each call, if it fails due to a token expired exception, will try to refresh the token.
Thanks a lot!!!!
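The effect of a blacklist grace period on the concurrent refresh requests described in this thread, as an added example that is not part of the original posts and is not jwt-auth's own code. `GraceBlacklist`, `refresh()` and the token id `old-token` are hypothetical names, and the model assumes a blacklisted token stays usable until its grace deadline passes.

```php
<?php
// Simplified in-memory model of a token blacklist with a grace period (PHP 8+).
// Illustration only: GraceBlacklist and refresh() are hypothetical names.
final class GraceBlacklist
{
    /** @var array<string,int> token id => unix time at which blacklisting takes effect */
    private array $effectiveAt = [];

    public function __construct(private int $gracePeriod) {}

    // Called when a token is refreshed: the old token stays usable for $gracePeriod seconds.
    public function add(string $jti, int $now): void
    {
        // Keep the first deadline so repeated refreshes cannot extend the window.
        $this->effectiveAt[$jti] ??= $now + $this->gracePeriod;
    }

    public function has(string $jti, int $now): bool
    {
        return isset($this->effectiveAt[$jti]) && $now >= $this->effectiveAt[$jti];
    }
}

// Returns a new token id, or null when the old token is rejected as blacklisted.
function refresh(GraceBlacklist $bl, string $oldJti, int $now): ?string
{
    if ($bl->has($oldJti, $now)) {
        return null;
    }
    $bl->add($oldJti, $now);
    return bin2hex(random_bytes(8));
}

// Constructed scenario: three refresh calls that all carry the same old token.
$t0 = 1_700_000_000;
foreach ([0 => 'no grace period', 60 => '60 s grace period'] as $grace => $label) {
    $bl = new GraceBlacklist($grace);
    $results = [
        'first request (t+0s)'      => refresh($bl, 'old-token', $t0),
        'concurrent request (t+1s)' => refresh($bl, 'old-token', $t0 + 1),
        'late request (t+61s)'      => refresh($bl, 'old-token', $t0 + 61),
    ];
    echo $label, PHP_EOL;
    foreach ($results as $name => $newJti) {
        echo '  ', $name, ': ', $newJti === null ? 'rejected' : 'new token issued', PHP_EOL;
    }
}
```

The grace period is also the window in which a copied old token can still be exchanged for a new one, so it should be no longer than the spread of the client's in-flight requests.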