mirror of
https://github.com/Memo-2023/mana-monorepo.git
synced 2026-05-14 20:01:09 +02:00
Implements sliding window expiration for refresh tokens to allow active users to stay signed in indefinitely while maintaining security through inactivity timeouts.

Changes:
- Extend refresh token expiration from NOW on each refresh (not from login)
- Preserve rememberMe flag across token rotations
- Active users: stay signed in forever (7/30 day sliding window)
- Inactive users: signed out after 7 days (regular) or 30 days (rememberMe)

This matches industry standards (Gmail, Slack, GitHub) where active users remain authenticated while inactive users are automatically signed out.

|  |  |  |
|---|---|---|
| mana-core-auth |  |  |