ObtainJSONWebToken does not return refresh token

Question

nrbnlulu opened this issue 2 years ago · comments

ObtainJSONWebToken mutation does not return refresh token even though it is in the schema
and the graphene version had it.

ניר · Answer 1 · Mon Mar 28 2022 02:19:43 GMT+0800 (China Standard Time)

Solution:
set

JWT_LONG_RUNNING_REFRESH_TOKEN": True

ניר · Answer 2 · Mon Mar 28 2022 02:20:18 GMT+0800 (China Standard Time)

This library has very weird way of doing things (;

Vojtěch Dohnal · Answer 3 · Sun Jul 24 2022 16:22:37 GMT+0800 (China Standard Time)

I have changed this in f3a0afc. Now refresh_expires_in is returned only if refresh tokens are enabled in settings.

ניר · Answer 4 · Sun Jul 24 2022 16:28:40 GMT+0800 (China Standard Time)

Thanks for letting me know, Nice to hear from you from a time to time 🙃

Oleksandr Yemets · Answer 5 · Mon Jul 25 2022 17:44:53 GMT+0800 (China Standard Time)

For other developers wandering here in order to get refreshToken, you should add this section into your settings.py file:

GRAPHQL_JWT = {
    "JWT_LONG_RUNNING_REFRESH_TOKEN": True,
}

Vojtěch Dohnal · Answer 6 · Tue Jul 26 2022 01:46:52 GMT+0800 (China Standard Time)

That is correct, if you set JWT_ALLOW_REFRESH to True (which is ON by default), you can use access tokens as single-use refresh tokens.

Oleksandr Yemets · Answer 7 · Tue Jul 26 2022 16:03:44 GMT+0800 (China Standard Time)

... but in order to make it useful, you also have to force the module to invalidate expired token with settings like this:

GRAPHQL_JWT = {
    "JWT_VERIFY_EXPIRATION": True,
    "JWT_LONG_RUNNING_REFRESH_TOKEN": True,
}