jwt-auth icon indicating copy to clipboard operation
jwt-auth copied to clipboard
verified publisher icon tymondesigns

JWT tokens keep getting blacklisted even with blacklist turned off

Open sts-ryan-holton opened this issue 4 years ago • 1 comments

Recently I've noticed that I keep getting blacklisted tokens, and I'm not sure why.

My project holds a JWT token and is valid for a period of time, then, when the user tries to navigate to a route, I call a refresh endpoint which returns the result from auth()->refresh() and for some reason it refreshes the token just fine and gives a 200 response, but then tries again 6 more times and results in a blacklisted token.

I've tried turning the blacklist feature off through .env and directly in the JWT auth file and have set the grace period ridiculously high as well, but still tokens are getting blacklisted

How do I turn this feature off!

sts-ryan-holton avatar Oct 20 '21 20:10 sts-ryan-holton

This is an issue in configuration, I solved this in a PR but it stills opened, my solution was to migrate the package.

https://github.com/PHP-Open-Source-Saver/jwt-auth

Give it a try.

Messhias avatar Nov 22 '21 10:11 Messhias