Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add the refresh token to the outstanding db after refreshing #696

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add the refresh token to the outstanding db after refreshing #696

wants to merge 2 commits into from

Conversation

ratataque
Copy link

Fix the Issue #363
By allowing the refreshtoken to be saved to the outstanding database after being refreshed.
It is useful for blacklisting every token for a precise user, if there's a leak of the token

@samuel-andres
Copy link

Great work 👏

@mnislam01
Copy link
Member

This needs to be merged.

@DigantaBiswas
Copy link

This is what I need. came here to check if anyone made a PR or not. You are awesome 😄

DigantaBiswas
DigantaBiswas reviewed Jun 30, 2024
View reviewed changes
rest_framework_simplejwt/serializers.py
OutstandingToken.objects.create(
user=user,
jti=refresh[api_settings.JTI_CLAIM],
token=str(refresh),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
token=str(refresh),
token=data["refresh"],

This part where we encode refresh token is used twice in this code. One is here on line number 137 and another is on line:142

Maybe its bad idea to repeat this code, because in future refactor to change or update this value we might need to look into 2 places.

My suggestion will be move 142 on top then use token = data["refresh" ]

Hope this gets merged soon 😃

@HasanYldz
Copy link

If help is needed for changes I can help out. I need to use a fork with these changes otherwise. Thanks in advance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DigantaBiswas DigantaBiswas DigantaBiswas left review comments

@mohitpandeyji mohitpandeyji mohitpandeyji approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@ratataque @samuel-andres @mnislam01 @DigantaBiswas @HasanYldz @mohitpandeyji