Selective application of JWT expiration check for specific operations
havardox opened this issue · comments
Currently, in Django GraphQL JWT, when the JWT_VERIFY_EXPIRATION
setting is set to True, JWT expiration is enforced globally for all GraphQL mutations and queries. Any time you want to query something and the token has expired, it just gives the "Signature has expired" error message. I would want to instead apply JWT expiration selectively to specific operations instead of applying it to my entire API. Is there any way to do that?
Edit: It seems to only apply when the jwt_cookie
decorator is enabled in urls.py
. It reads the HttpOnly cookie and sees that the token is expired and throws the "Signature has expired" message, even when the resolver itself doesn't require JWT authentication.