The JWT secret default expiry seems to be set to 7d. However one is not aware if those 7 days passed until after notes don't save and you get a popup of invalid token. Which is even more annoying in PWA. When that happens you have to sign out and log in again.
Proposed solutions could be:
- Make the 7d an environment variable so it can be adjusted per deployment
- Automatically renew the token upon activity
- Forcefully log out users when token has expired
While solution 2 is preferable, solution 1 is probably the easiest to implement and also gives everyone the flexibility to decide their preferred expiration date. Thank you!
The JWT secret default expiry seems to be set to 7d. However one is not aware if those 7 days passed until after notes don't save and you get a popup of invalid token. Which is even more annoying in PWA. When that happens you have to sign out and log in again.
Proposed solutions could be:
While solution 2 is preferable, solution 1 is probably the easiest to implement and also gives everyone the flexibility to decide their preferred expiration date. Thank you!