Reputation: 4979
JWT/Laravel Extend token expiration lifetime
I am usig JWT to manage the user access to our API system. The problem I am facing is that the token is expiring after some few minutes. How can I make the JWT token expires in such a way that it only expires when user manually logs out.
Thanks.
Upvotes: 0
Views: 7049
Answers (3)
Reputation: 497
You need to store the expiration time for a token server side instead of inside the token. This means that you don't set the exp key in the token. You can for example store the jti with an expiration time in the database. When the token is then received for authentication you can validate the token and then check the last seen date of the token based on the jti stored in the database with the expected lifetime and current time. If the token is still valid you reset the last seen date of the jti to the current time.
Upvotes: 0
Reputation: 51
Add 'exp' in an array as a second parameter for the 'attempt' method. This 'exp' is timestamp.
For example:
$token=JWTAuth::attempt(
['email'=>$email,'password'=>$password],
['exp' => Carbon::now()->addweek()->timestamp]
);
Upvotes: 1
Reputation: 1
In laravel 5.3, i simply comment the line in config/jwt.php ie..,
// ttl => 60
and now the time-to-live not exist and token expiration is lifetime.
and for invalidate the token use this below code in logout() i.e, JWTAuth::invalidate(JWTAuth::getToken());
Upvotes: 0
Related Questions
- JWT Token Expired PHP Laravel
- Set expiry time for laravel jwt dynamically
- Laravel : JWT token expired
- Set expire time in lumen jwt token
- Laravel passport extend access token's expiration time
- JWT/LARAVEL 5.6 refresh expired token
- Invalidate JWT Token only after a period of inactivity
- How handle token expiry in jwt laravel 5.3?
- How to set expire time of JWT Token in Laravel 5.1
- Laravel JWT dont expires