New refresh token with each login #1044
brendonanderson
started this conversation in
General
Replies: 1 comment 1 reply
-
I think that depends on application to application. You can have a single refresh token by user. You can generated a TTL (Time To Live) for each refresh token and expire them with an scheduled job.
Are you referring to the guide: https://guides.micronaut.io/latest/micronaut-security-jwt-gradle-java.html |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Issue description
I have gone through the JWT example and implemented it locally.
It seems with each authentication using the
/login
endpoint, a new refresh token is generated, which makes sense. But the table holding the refresh tokens continues to grow.What is the recommended way to deal with these refresh tokens that seemingly will be around forever and continue to fill up table space?
Beta Was this translation helpful? Give feedback.
All reactions