php - Laravel: After upgrade JWT then session expire become too often
so, i upgrade my jwt
package on my Laravel v5.8, I need to upgrade because of security issue. However, upgrading jwt
is not easy, too many trial & error. Finally, i found a solution from it's github repository here then jwt
upgrade is finish.
==========
The summary of solution by adding:
(1) Upgrade jwt by composer require tymon/jwt-auth:1.0.* --prefer-source
(2) Change below line in config/app.php
, before:
'providers' => [
...
'Tymon\JWTAuth\Providers\JWTAuthServiceProvider' ,
...
]
into
'providers' => [
...
'Tymon\JWTAuth\Providers\LaravelServiceProvider' ,
...
]
(3) Add implements JWTSubject
into User
Model Class
(4) Add below line into User
Model Class:
public function getJWTIdentifier()
{
return $this->getKey();
}
public function getJWTCustomClaims()
{
return [];
}
(5) run php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
==========
However, it has side effect.
Now, every login sessions do not last long.
Before this fix, it sometimes need a month for a login session to expire, but now it just need a couple of hour. Moreover, no other logic/coding added except above.
Any Idea/Solution?
Thank You in Advance...
Answer
Solution:
Time to live is defined in the config/jwt.php
.
See the line that says 'ttl' => env('JWT_TTL', 60)
which means by default the token will be valid for 1 hour.
If you don't already have that, be sure to run the following command to publish the package config file:
php artisan vendor:publish --provider="Tymon\JWTAuth\Providers\LaravelServiceProvider"
Source