ObtainJSONWebToken does not return refresh token
nrbnlulu opened this issue · comments
Solution:
set
JWT_LONG_RUNNING_REFRESH_TOKEN": True
This library has very weird way of doing things (;
I have changed this in f3a0afc. Now refresh_expires_in is returned only if refresh tokens are enabled in settings.
Thanks for letting me know, Nice to hear from you from a time to time 🙃
For other developers wandering here in order to get refreshToken, you should add this section into your settings.py file:
GRAPHQL_JWT = {
"JWT_LONG_RUNNING_REFRESH_TOKEN": True,
}
That is correct, if you set JWT_ALLOW_REFRESH
to True (which is ON by default), you can use access tokens as single-use refresh tokens.
... but in order to make it useful, you also have to force the module to invalidate expired token with settings like this:
GRAPHQL_JWT = {
"JWT_VERIFY_EXPIRATION": True,
"JWT_LONG_RUNNING_REFRESH_TOKEN": True,
}