Refresh Token

[jonagoldman]

Most auth implementations use a short lived access token and a longer living refresh token in order to securely maintain the user logged in. Basically the refresh token is used to generate a new access token once it has expired, and this is done without having to ask the user for login credentials again. I found a detailed explanation in the vue-auth package. Does this package support this in any way?

[dgrubelic]

For now, this library does not support automatic token refresh. You can provide another token in any ajax response (means that your api would take care of token's "expired" state) (in body [headers currently not supported]) and current one will automatically be replaced (if you are using vue-resource as request library, for any other, you'll have to do it manually).

I'll have to check out possible ways of doing this and see if i'm going to implement it. Of course, any suggestion is more than welcome.

[nshCore]

@jonagoldman take a look at this

https://laracasts.com/discuss/channels/vue/jwt-auth-with-vue-resource-interceptor?page=1

I implemented refresh tokens using interceptors, basically check for a 401 header if so send an authorisation request before next()

[dgrubelic]

This will soon be available as an improvement. For now, I don't have a specific timeline when this will be available.

[rico]

@jkirkby91-2 any working example for this - for newcomers like me ...

[arenasv86]

Any update about this feature?

[aidanayala]

This would be a great feature

[WayneHiller]

I was looking at how to do this yesterday. Having it built in would be awesome.

[Andrei-Pozolotin]

+1