Vikram Singh Chandel
Vikram Singh Chandel

Reputation: 1308

JWT Token expiration time increase

I have integrated JWT token with django-restframwork, here I have setted expiration time 15mints JWT_EXPIRATION_DELTA but it is getting expire before mentioned time(1mints) and I need to refresh the token for proceeding... PFB me configuration

Python 3.5
Django==2.0.5
djangorestframework==3.8.2
djangorestframework-simplejwt==3.2.3

Setting.py

REST_FRAMEWORK = {
    # Use Django's standard `django.contrib.auth` permissions,
    # or allow read-only access for unauthenticated users.
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.DjangoModelPermissionsOrAnonReadOnly'
    ],
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'rest_framework.authentication.SessionAuthentication',
    )
} 

JWT_AUTH = {
    'JWT_EXPIRATION_DELTA': datetime.timedelta(seconds=900),
    'JWT_ALLOW_REFRESH': True,
    'JWT_REFRESH_EXPIRATION_DELTA': datetime.timedelta(days=7),
}

Please help, am I doing any mistake here.

Upvotes: 1

Views: 4859

Answers (2)

Chioma Igbokwe
Chioma Igbokwe

Reputation: 71

You can still use the djangorestframework-simplejwt and modify the time in your settings file instead

settings.py

from datetime import timedelta

...

SIMPLE_JWT = {
    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=5),
    'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
    'ROTATE_REFRESH_TOKENS': False,
    'BLACKLIST_AFTER_ROTATION': True,

    'ALGORITHM': 'HS256',
    'SIGNING_KEY': settings.SECRET_KEY,
    'VERIFYING_KEY': None,

    'AUTH_HEADER_TYPES': ('Bearer',),
    'USER_ID_FIELD': 'id',
    'USER_ID_CLAIM': 'user_id',

    'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
    'TOKEN_TYPE_CLAIM': 'token_type',

    'SLIDING_TOKEN_REFRESH_EXP_CLAIM': 'refresh_exp',
    'SLIDING_TOKEN_LIFETIME': timedelta(minutes=5),
    'SLIDING_TOKEN_REFRESH_LIFETIME': timedelta(days=1),
}

Check out https://github.com/davesque/django-rest-framework-simplejwt

Upvotes: 3

Cuong Vu
Cuong Vu

Reputation: 3733

You're using djangorestframework-simplejwt but your config is for djangorestframework-jwt. Please uninstall djangorestframework-simplejwt and install djangorestframework-jwt instead.

pip uninstall djangorestframework-simplejwt

then

pip install djangorestframework-jwt More details here

Upvotes: 2

Related Questions