Support for Refresh Tokens
Hello Fief team,
First, I want to thank you for creating and maintaining such an excellent open-source authentication and user management platform. Fief has been instrumental in managing our user authentication and authorization needs, and we appreciate the comprehensive documentation and support provided.
Currently, Fief supports access tokens for JWT-based authentication, which works seamlessly for many use cases. However, we've encountered scenarios where the addition of refresh tokens would significantly enhance the security and usability of our applications. Specifically, we are developing a mobile application where the following features of refresh tokens are crucial:
- Maintaining long-lived sessions: This allows users to stay logged in without frequent re-authentication, significantly improving the user experience in a mobile context.
- Enhanced security through token revocation: The ability to revoke refresh tokens upon logout or when a token is compromised is crucial for maintaining the security of our mobile application. This ensures that even if a refresh token is leaked or stolen, it can be invalidated to prevent unauthorized access.
- Token renewal: Refresh tokens can be used to obtain new access tokens without requiring users to re-authenticate, which is especially useful in mobile applications where users expect seamless and uninterrupted service.
I understand from the project roadmap that Fief is continuously evolving with many exciting features planned for the future. Could you please provide some insight into whether there are plans to implement refresh tokens? If so, is there an estimated timeline for this feature?
Additionally, if this feature is not currently planned, could you share any potential challenges or considerations that need to be addressed to include refresh token support? Understanding these aspects might help the community contribute effectively towards this enhancement.
Thank you for your time and consideration.
Best regards :)