Refresh token tutorial

Questions and Answers
1
System Information
  • Strapi Version: “4.6.0”
  • Operating System: mac
  • Database:
  • Node Version:
  • NPM Version:
  • Yarn Version:

I am new to strapi, and I just followed this tutorial:

I have a few questions that I wonder if someone could help me with:

  1. What is the purpose of the JWT_SECRET_EXPIRES=360s variable. This seems bizarre to me. I understand why JWT tokens have a lifespan, but why would I want to set an expiration on the jwt secret? This JWT_SECRET_EXPIRES value is passed into the function that generates a jwt token (see code below) but i can’t for the life of me work out why.

ctx.send({
jwt: issueJWT({id: obj.id}, {expiresIn: process.env.JWT_SECRET_EXPIRES}),
refreshToken: refreshToken,
});

any help much appreciated.

1 Like