How to avoid that token expires?

  • Resolved kilianso

    (@kilianso)


    7 years, 1 month ago

    Hey! Great Plugin. I’m building a custom admin tool where users can save data into custom post types. It’s all Ajax based. So i placed the token into my JS file and it’s working great!

    The only thing is: The token expires after 3600s – So i have to regenerate a new one over and over again. And the tool isn’t in use 24/7 so i’m not able to always trigger a refresh function before the token expires. How can i avoid this? I need to be able to have a token that doesn’t expires or that refreshes automatically without firing a refresh action (through JS) every 60 minutes.

    Thanks

    • This topic was modified 7 years, 1 month ago by kilianso.
    • This topic was modified 7 years, 1 month ago by kilianso.
Viewing 4 replies - 1 through 4 (of 4 total)

  • I found an answer to this question in another thread.

    Change:

    
'access_lifetime' => $o['access_token_lifetime'] == '' ? 3600 : $o['access_token_lifetime'],

    To:

    'access_lifetime' => 99999999,

    But i’m still curious if there is no better solution to avoid expiration without changing the plugin code.

    • This reply was modified 7 years, 1 month ago by kiLaa.
    Plugin Author Justin Greer

    (@justingreerbbi)

    Hi

    Sorry for the frustration. As mentioned above, you can change the plugin configuration array but it will be wiped on an update and things will break. Also, I would like to note that a longer lifetime on an access token can lead to exploits and exposure to unauthorized requests. It is not recommended to set the lifetime to something really long.

    The functionality you are really looking for is what is known as a “refresh token”. This is used to request a new access token after it has expired without having to run the authorization process again. This is typically done in the back-end and the user never sees the interaction. Unfortunately, this functionality is not in this version (free version) of the plugin.

    Please let me know if you have any other questions.

    • This reply was modified 7 years, 1 month ago by Justin Greer.

    Hey there

    Well it’s not an issue for me to buy your plugin. It’s just very unclear what features are available in the Free Version and what not.

    So is there a out-of-the-box solution for the refreshing tokens in the Pro-Version? I don’t need to handle anything in my client side JS?

    Plugin Author Justin Greer

    (@justingreerbbi)

    Hi,

    I am sorry about the clarity of the plugin. I will be working on this in the coming months. I am not able to really comment on PRO sales here but if you head over to https://wp-oauth.com and request a chat, we can talk there.

    Please let me know if you have any other questions. We can talk directly through support given the link above!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘How to avoid that token expires?’ is closed to new replies.

Tags