MaxAge of jwt and session #9476
Replies: 6 comments 1 reply
-
|
Were you able to solve this issue? |
Beta Was this translation helpful? Give feedback.
-
|
I'm facing almost the same issue, except that for me the expiration is set to 30 days in both cases - either I set the session maxAge or the jwt maxAge property, it doesn't matter. |
Beta Was this translation helpful? Give feedback.
-
|
Hi,
I didn’t figure out how jwt maxAge works, so I just keep it as 1 but it doesn’t really affect anything….
… Byron0000 ***@***.***>於2024年1月30日 下午11:05寫道:
Were you able to solve this issue?
—
Reply to this email directly, view it on GitHub <#9476 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AVSBUENZ5IH2X4ML4SMVQ73YREDZ3AVCNFSM6AAAAABBDZPP4OVHI2DSMVQWIX3LMV43SRDJONRXK43TNFXW4Q3PNVWWK3TUHM4DGMBXGIZDS>.
You are receiving this because you authored the thread.
|
Beta Was this translation helpful? Give feedback.
-
|
Hi,
I didn’t figure out how jwt maxAge works, so I just keep it as 1 but it doesn’t really affect anything….
… broy94 ***@***.***>於2024年3月6日 上午6:41寫道:
ply to this email directly,
|
Beta Was this translation helpful? Give feedback.
-
|
did anyone solve this? I'm getting 30 days no matter where I change the maxAge, either on session or Jwt |
Beta Was this translation helpful? Give feedback.
-
|
Unfortunately not :/ I haven't bothered with it, I just left it at 30 days for now. |
Beta Was this translation helpful? Give feedback.
-
|
Has anyone solved this issue? When I set the session maxAge to 10 seconds without reloading the page, the session is automatically deleted and the user is logged out. However, if I reload the page within those 10 seconds, the session resets to the default duration of 30 days. |
Beta Was this translation helpful? Give feedback.
-
According to the document (https://next-auth.js.org/configuration/options#jwt), we can set MaxAge of jwt then use getToken() to check the token. However when I tried
const options: NextAuthOptions = { jwt: {maxAge: 10} }the result of getToken() shows the token expire after 30 days (default value)
While if I tried
const options: NextAuthOptions = { session: {maxAge: 10} }the result of getToken() shows that the token expire after 10 sec
JSON Web Token {
"name": "myname",
"email": "email@gmail.com",
"picture": "myavator",
"sub": "18512368",
"accessToken": "f4aaa532b65a5fd06e652e6a68718571273a476fc9f9079345f8e0a1f79f1742f",
"iat": 1703583801,
"exp": 1703583811,
"jti": "81sdf5d-fddf-44d3-b963-34a1a0f14fdf"
}
it seems that the getToken() method get the session MaxAge instead of the jwt MaxAge, is that a normal behaviour?
Many thanks in advance!
Beta Was this translation helpful? Give feedback.
All reactions