Improve JWT tokens expiration

- Reduce access tokens TTL to 15 minutes - Set refresh tokens TTL to 60 days - Set Guardian.DB to only track refresh tokens - Remove refresh token when logging out Closes #710 #705 #706 Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2021-05-25 11:00:46 +02:00
parent 5a13c2191c
commit a7da5ab269
6 changed files with 50 additions and 3 deletions
--- a/js/src/graphql/auth.ts
+++ b/js/src/graphql/auth.ts
@@ -46,3 +46,9 @@ export const REFRESH_TOKEN = gql`
    }
  }
 `;
+
+export const LOGOUT = gql`
+  mutation Logout($refreshToken: String!) {
+    logout(refreshToken: $refreshToken)
+  }
+`;