Fixed issue #363

rest_framework_simplejwt/serializers.py

@@ -5,8 +5,13 @@
 from rest_framework import exceptions, serializers
 from rest_framework.exceptions import ValidationError
 
+from .authentication import JWTAuthentication
 from .settings import api_settings
 from .tokens import RefreshToken, SlidingToken, UntypedToken
+from .utils import datetime_from_epoch
+
+if api_settings.ROTATE_REFRESH_TOKENS:
+    from .token_blacklist.models import OutstandingToken
 
 if api_settings.BLACKLIST_AFTER_ROTATION:
     from .token_blacklist.models import BlacklistedToken
@@ -118,6 +123,17 @@ def validate(self, attrs):
             refresh.set_exp()
             refresh.set_iat()
 
+            # Create OutstandingToken when rotate refresh token
+            auth = JWTAuthentication()
+            user = auth.get_user(validated_token=refresh)
+            OutstandingToken.objects.create(
+                user=user,
+                jti=refresh[api_settings.JTI_CLAIM],
+                token=str(refresh),
+                created_at=refresh.current_time,
+                expires_at=datetime_from_epoch(refresh["exp"]),
+            )
+
             data["refresh"] = str(refresh)
 
         return data