Refresh token rotation #11121

Open
deelo55 opened this issue Jun 9, 2024 · 0 comments
Labels
documentation Relates to documentation triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime.

deelo55 commented Jun 9, 2024

What is the improvement or update you wish to see?

  1. The doc on refresh token rotation for JWT doesn't work with the client-side functionality as it doesn't put an error into the session.
  2. If an error occurs, the session still remains authenticated albeit with an error message attached. This doesn't seem secure as a user can still see resources which require authentication. I believe the status should change to unauthenticated?

Is there any context that might help us understand?

N/A

Does the docs page already exist? Please link to it.

https://authjs.dev/guides/refresh-token-rotation
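
Added example, not part of the issue and not Auth.js code: a framework-independent model of the two points raised above, showing a refresh failure being copied into the session and a guard that treats an error-bearing session as unauthenticated, next to one that ignores the error. All function names, the token shape and the `RefreshTokenError` marker value are assumptions made for this illustration.

```javascript
// Added illustration, not Auth.js code: every name here is hypothetical.
const REFRESH_ERROR = "RefreshTokenError"; // constructed marker value

// Models a JWT-callback step: keep the token while valid, otherwise rotate it.
// `refresh` stands in for the provider's token endpoint call and may throw.
function rotateToken(token, nowSec, refresh) {
  if (nowSec < token.expiresAt) return token;
  try {
    if (!token.refreshToken) throw new Error("missing refresh token");
    const next = refresh(token.refreshToken);
    return {
      ...token,
      accessToken: next.accessToken,
      expiresAt: nowSec + next.expiresIn,
      // Rotation: use the new refresh token if one is issued, else keep the old.
      refreshToken: next.refreshToken ?? token.refreshToken,
      error: undefined,
    };
  } catch {
    // Drop the unusable credentials and record the failure on the token.
    return { sub: token.sub, expiresAt: 0, error: REFRESH_ERROR };
  }
}

// Copies the error into the session object so client code can see it.
function toSession(token) {
  return { user: { id: token.sub }, error: token.error };
}

// Fail-closed guard: a session carrying a refresh error is not authenticated.
function authStatus(session) {
  if (!session || !session.user) return "unauthenticated";
  if (session.error) return "unauthenticated";
  return "authenticated";
}

// Fail-open variant for comparison: it ignores the error field.
function authStatusIgnoringError(session) {
  return session && session.user ? "authenticated" : "unauthenticated";
}
```

Protected routes and client components would call the fail-closed guard; the fail-open variant reproduces the state described in point 2.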
