current position:Home>Why should JWT use double tokens for renewal? I didn't understand. I think a single token is OK?

Why should JWT use double tokens for renewal? I didn't understand. I think a single token is OK?

2022-01-27 00:36:30 CSDN Q & A

jwt Why do I use double for renewal token, I didn't understand , Feel single token It's OK , Every token Set up 2 Hour expiration time , Refresh in more than an hour , Failure for more than two hours , Can't that be ?

img




Refer to the answer 1:

One is OK , But if the expiration time is set too long , The security of user data will be greatly reduced ; The expiration time is set too short , Users must log in again at regular intervals , To get new credentials , This will greatly dampen the enthusiasm of users , So the two are to solve the contradiction between security and user experience , You can also refer to this article for understanding




Refer to the answer 2:



Refer to the answer 3:

You need to guarantee token Always effective , Otherwise, after failure , Can't parse , Affect the business .

img




Refer to the answer 4:

copyright notice
author[CSDN Q & A],Please bring the original link to reprint, thank you.
https://en.cdmana.com/2022/01/202201270036270642.html

Random recommended