WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Add the refresh token to the outstanding db after refreshing #696

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ratataque wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add the refresh token to the outstanding db after refreshing #696

ratataque wants to merge 2 commits into from

Conversation

@ratataque
Copy link

@ratataque ratataque commented Apr 16, 2023

Fix the Issue #363
By allowing the refreshtoken to be saved to the outstanding database after being refreshed.
It is useful for blacklisting every token for a precise user, if there's a leak of the token

@samuel-andres
Copy link

samuel-andres commented May 25, 2023

Great work 👏

@mnislam01
Copy link

mnislam01 commented Jun 30, 2024

This needs to be merged.

@DigantaBiswas
Copy link

DigantaBiswas commented Jun 30, 2024

This is what I need. came here to check if anyone made a PR or not. You are awesome 😄

DigantaBiswas
DigantaBiswas reviewed Jun 30, 2024
View reviewed changes
rest_framework_simplejwt/serializers.py
OutstandingToken.objects.create(
user=user,
jti=refresh[api_settings.JTI_CLAIM],
token=str(refresh),
Copy link

@DigantaBiswas DigantaBiswas Jun 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
token=str(refresh),
token=data["refresh"],

This part where we encode refresh token is used twice in this code. One is here on line number 137 and another is on line:142

Maybe its bad idea to repeat this code, because in future refactor to change or update this value we might need to look into 2 places.

My suggestion will be move 142 on top then use token = data["refresh" ]

Hope this gets merged soon 😃

@HasanYldz
Copy link

HasanYldz commented Jan 20, 2025

If help is needed for changes I can help out. I need to use a fork with these changes otherwise. Thanks in advance.

@Andrew-Chen-Wang Andrew-Chen-Wang mentioned this pull request Feb 20, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@DigantaBiswas DigantaBiswas DigantaBiswas left review comments

@mohitpandeyji mohitpandeyji mohitpandeyji approved these changes

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@ratataque @samuel-andres @mnislam01 @DigantaBiswas @HasanYldz @mohitpandeyji