rfcs
rfcs copied to clipboard
Request — Refresh token
This issue has been opened because we (as the core team) are looking for contributors to help us co-develop the feature.
Motivations
The current implementation doesn't offer the ability to refresh an existing valid token. Thus, it forces the user to log in every month to generate a new JWT token.
Tasks
- Find a contributor
- Define the needs
- Discuss a solution and technical implementation
- Ask for design
- Submit RFC
Risks
- Security breach
- Required a better authentication flow (see https://github.com/strapi/strapi/pull/2704)