Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Isn't there any refresh token mechanism for the JWT authentication ? #10

Open
StitiFatah opened this issue Apr 21, 2023 · 0 comments
Open

Isn't there any refresh token mechanism for the JWT authentication ? #10

StitiFatah opened this issue Apr 21, 2023 · 0 comments

Comments

@StitiFatah
Copy link

StitiFatah commented Apr 21, 2023
edited
Loading

Hi,

I experienced being disconnected really often, the access token has a 1 day lifetime but isn't there any refresh token mechanism to refresh it ?
The UX isn't great since it's not an app where you want maximal security like a bank application or whatever.

If it's too tedious to implement why not just using session auth ? It works fine with DRF as well

REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "rest_framework.authentication.SessionAuthentication",
        # "rest_framework.authentication.TokenAuthentication",
        # 'rest_framework_simplejwt.authentication.JWTAuthentication',
    ],
}

And is easy to implement in your (Vue) frontend with something like that :

import axios from "axios";

axios.defaults.xsrfCookieName = "csrftoken";
axios.defaults.xsrfHeaderName = "X-CSRFTOKEN";

export const BASE_API_URL = process.env.MY_DOMAIN

const axiosInstance = axios.create({
  baseURL: BASE_API_URL,
  timeout: 10000,
  withCredentials: true,
});

export { axiosInstance };
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@StitiFatah