djangorestframework-simplejwt icon indicating copy to clipboard operation
djangorestframework-simplejwt copied to clipboard

Published 20 hours ago verified publisher icon jazzband

How to create never expiring AccessToken

Open xalien10 opened this issue 2 years ago • 2 comments

Is there any way to create a never expiring AccessToken by configuring settings which will not expire just like some API Key? Actually, I need to create some API Key using this library, so that I can verify views like normal tokens but it won't expire until someone forcefully disable it.

xalien10 avatar Feb 09 '23 12:02 xalien10

I can't find set variable way. but you can override "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",), in settings and write your own AccessToken class, and over ride the behaviour of check_exp method. for ex:

class MyAccessToken(AccessToken):
    def check_exp(
        self, claim: str = "exp", current_time: Optional[datetime] = None
    ) -> None:
        pass

likecodingloveproblems avatar Mar 20 '23 20:03 likecodingloveproblems

Maybe a better way is using Constance, and change this behaviour in realtime.

class MyAccessToken(AccessToken):
    def check_exp(
        self, claim: str = "exp", current_time: Optional[datetime] = None
    ) -> None:
        if settings.get('EXPIRABLE_TOKENS'):
            super().check_exp(claim, current_time)

likecodingloveproblems avatar Mar 20 '23 20:03 likecodingloveproblems