Comments (4)
There is a condition to skip validating the expiry when refreshing the token Ref: https://github.com/Gokul595/api_guard/blob/master/lib/api_guard/jwt_auth/authentication.rb#L44. May be the controller_name
didn't return expected value there due to customisation. Can you please share the users/tokens
controller code for my reference to debug?
from api_guard.
@Bilanuk We can refresh expired access token using a valid refresh token (Ref: https://github.com/Gokul595/api_guard#refresh-access-token). Do you have custom routes for refreshing token, can you share your routes.rb
file code?
from api_guard.
@Bilanuk We can refresh expired access token using a valid refresh token (Ref: https://github.com/Gokul595/api_guard#refresh-access-token). Do you have custom routes for refreshing token, can you share your
routes.rb
file code?
Here is my routes:
Rails.application.routes.draw do
scope :api, defaults: {format: :json} do
scope :auth do
api_guard_routes for: "users", controller: {
registration: "users/registration",
authentication: "users/authentication",
passwords: "users/passwords",
tokens: "users/tokens"
}
end
get "/user-info", to: "users#show" # just for test purpose
end
end
But in tokens#create we do have before_action :authenticate_resource that triggers jwt access_token decoding. But since our token is expired we can't decode it and get 401 response.
I did all steps for configuring refresh tokens from Readme, but still I don't understand part of expired access token.
Or maybe I am doing something wrong?
from api_guard.
There is a condition to skip validating the expiry when refreshing the token Ref: https://github.com/Gokul595/api_guard/blob/master/lib/api_guard/jwt_auth/authentication.rb#L44. May be the
controller_name
didn't return expected value there due to customisation. Can you please share theusers/tokens
controller code for my reference to debug?
Thanks! I did debugging by myself and now refreshing logic seems to be working correctly with expired access token. Guess it was naming problem in my controller or smth so it was trying to verify expired jwt token.
from api_guard.
Related Issues (20)
- Resource is shared with multiple requests(even unauthenticated ones) HOT 2
- Expiring Refresh Tokens HOT 9
- authenticate_and_set_user without restricting access HOT 2
- Guest access without bearer token HOT 1
- POST data to sign_up doubt HOT 2
- ActionCable support? HOT 6
- [Question] How to set a cookie in authentication response? HOT 1
- How to map to Users::User? HOT 3
- Is there any way to implement HTTP Only Cookies? HOT 9
- Ability to turn off routes / feature such as deleting accounts HOT 1
- How to issue a token outside api guard default controllers HOT 2
- Rails 6.1 undefined method 'day' for 1:Integer HOT 2
- Ability to not only change password but also to reset forgotten password
- How to send a new access token to the browser before the old access token expire? HOT 1
- Error when use nested routes like /api/v1/api_guard HOT 2
- Could we extend to use public/private keys? HOT 1
- Issue with a custom logout route HOT 3
- refresh tokens is not set in the headers
- Avoid creating new refresh token when retrieving new access token HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api_guard.