Alexxosipov

Reputation: 1234

JWT - TOKEN_EXPIRED after second refresh

I am developing an API server with Laravel and tymon/jwt-auth. In the test environment, TTL is 1 min and TTL_REFRESH is 2 min. I don't understand how the following algorithm works:

  1. The user logged in and received a token
  2. The TTL of the token has expired, but TTL_REFRESH has not. The user sends a request to the server to refresh the token
  3. The user uses the new token, but has not updated it in time. The token has expired again.
  4. When the user tries to refresh the token a second time (the first time was at step 2), the server sends TOKEN_EXPIRED

If, after steps 1 and 2, we try to refresh the token while its TTL has not expired, the token will be refreshed. But if we refresh it once after it has expired, then the second time (with an expired token) the server will send TOKEN_EXPIRED to the client.

My question is: why, after the second token update with an expired TTL, does the server not refresh the token but send TOKEN_EXPIRED?

Upvotes: 0

Views: 1001

Answers (1)

Hamed Zarei

Reputation: 21

I think the refresh token has been invalidated after first use.

You must use the new refresh token to refresh your JWT token and get a new one.

Upvotes: 1
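An added model of the timeline from the question (not code from either post or from tymon/jwt-auth), using the question's TTL of 1 min and TTL_REFRESH of 2 min. It assumes the refresh window is counted from the `iat` of the original login token, that a refreshed token keeps that `iat`, and that a token is blacklisted once it has been exchanged; `Issuer`, `attempt` and the two scenario functions are hypothetical names.

```python
TTL = 60           # access-token lifetime in seconds (TTL = 1 min in the question)
REFRESH_TTL = 120  # refresh window in seconds (TTL_REFRESH = 2 min in the question)

class TokenExpired(Exception):
    """Stands in for the TOKEN_EXPIRED response."""

class TokenBlacklisted(Exception):
    """Raised when a token that was already exchanged is presented again."""

class Issuer:
    def __init__(self):
        self.blacklist = set()  # jti values of tokens already exchanged
        self.next_jti = 0

    def issue(self, sub, iat, now):
        self.next_jti += 1
        return {"sub": sub, "iat": iat, "exp": now + TTL, "jti": self.next_jti}

    def refresh(self, token, now):
        if token["jti"] in self.blacklist:
            raise TokenBlacklisted("token already exchanged")
        # Assumption: exp is ignored here; only the original iat bounds the window.
        if now >= token["iat"] + REFRESH_TTL:
            raise TokenExpired("TOKEN_EXPIRED")
        self.blacklist.add(token["jti"])
        # Assumption: the new token keeps the old iat, so the window never moves.
        return self.issue(token["sub"], iat=token["iat"], now=now)

def attempt(issuer, token, now):
    """Return (outcome, new_token); outcome is 'ok' or the exception name."""
    try:
        return "ok", issuer.refresh(token, now)
    except (TokenExpired, TokenBlacklisted) as exc:
        return type(exc).__name__, None

def question_timeline():
    srv = Issuer()
    first = srv.issue("user-1", iat=0, now=0)   # step 1: login at t=0, exp at t=60
    r2, second = attempt(srv, first, now=90)    # step 2: expired, inside the window
    r_old, _ = attempt(srv, first, now=95)      # old token presented again
    r4, _ = attempt(srv, second, now=160)       # step 4: new token expired at t=150
    return [r2, r_old, r4]

def early_second_refresh():
    srv = Issuer()
    first = srv.issue("user-1", iat=0, now=0)
    _, second = attempt(srv, first, now=90)
    return attempt(srv, second, now=110)[0]     # still inside the 120 s window
```

Under these assumptions, a token refreshed after its TTL has expired cannot outlive the window itself: its own expiry (t=150) falls after the window closes (t=120), so every later refresh attempt is rejected.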
