Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to ignore ignoreExpiration for a specific endpoint? #234

Open
Alwinator opened this issue May 19, 2022 · 1 comment
Open

How to ignore ignoreExpiration for a specific endpoint? #234

Alwinator opened this issue May 19, 2022 · 1 comment

Comments

@Alwinator
Copy link

I am using NestJS with the passport-jwt Strategy and have set ignoreExpiration to false. However, is it possible to set it to true only for the JWT refresh endpoint? I thought of adding a custom annotation/decorator (@JWTIgnoreExpiration()) to my refresh endpoint, but I don't know how I can address ignoreExpiration then. Is this possible with passport-jwt?

Alternative would be to set ignoreExpiration to true and check it manually in a NestJS guard, however then I had to check the iat and exp by hand and not by the official jwtService.verify function.
@Alwinator Alwinator changed the title How to ignore ignoreExpiration in specific endpoint? How to ignore ignoreExpiration for a specific endpoint? May 19, 2022
@Alwinator
Copy link
Author

I found a workaround: Add two passport-jwt strategies, one with ignoreExpiration true and one with false and then use the correct one on the refresh route using @UseGuards()

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Alwinator