Django REST JWT刷新 [英] Django REST JWT Refresh

问题描述

使用JWT实现了Django REST和身份验证. 对于JWT令牌，我们必须在其过期之前刷新它. 过期后，JWT将不再提供新令牌.

Implemented Django REST and authentication using JWT. For JWT token we have to refresh it before it expire. After expired JWT wont give new token.

对于我的移动设备，我需要每10分钟刷新一次令牌(JWT_EXPIRATION_DELTA). 如果用户超过10分钟未处于活动状态，那么我需要要求登录. 有什么方法可以刷新令牌，即使在JWT令牌过期之后也是如此. (我们可以将刷新时间限制为2天)

For my mobile device I need to refresh the token every 10 mins (JWT_EXPIRATION_DELTA). and if user is not active for more than 10 minutes, then I need to ask to login. Is there any way that I can refresh the token even after JWT token expired. (we can limit the time to refresh as 2 day)

在Mobile中处理此行为的最佳方法是什么.

Whats the best way to handle this behavior in Mobile.

谢谢.

推荐答案

您可以使用 Oauth2.0

刷新令牌是用于获取访问令牌的凭据.刷新 令牌由授权服务器发布给客户端，并且 当当前访问令牌时用于获取新的访问令牌 变得无效或过期，

Refresh tokens are credentials used to obtain access tokens. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token becomes invalid or expires,

成功登录后，发出刷新和访问令牌.虽然访问令牌不久将过期，但刷新令牌的寿命很长.安全地存储它，并在当前令牌过期时使用它来发行新的访问令牌

After a successful login, issue a refresh and an access token. While a access token expires shortly, a refresh token is long lived. Store it securely, and use it to issue new access tokens when the current one expires

这篇关于Django REST JWT刷新的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！