0

I built my APIs with Laravel 5; both my web application and mobile app use the same APIs. On the web app there is a default expiration of 60 minutes, after which the user will have to log back in again. However, on mobile I do not want that: no automatic session expiration for mobile, the user can only be logged out after they have clicked the logout button in the app.

I use JWT with satellizer for my authentication, and I would like to know how to achieve this.

user3718908x100

2 Answers

1

I have the same setup as you have on my web application and mobile app. I simply store the username/email and password on the phone (native) and every time the user opens the app it does a call to receive a new JWT. When the user is logging out on the phone, the password is removed.

I think this is the simplest solution, and for security you can encrypt the password in the storage.

1

I believe the current practice based on this answer is that you prolong or refresh the token before it expires. I do not believe you can't not have an expiration.

Community
Sean Larkin
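
The refresh-before-expiry approach mentioned in the answer above, sketched for the client side as an added example that is not part of the original thread. The function names, the 5-minute margin and the sample token are assumptions constructed for illustration; the 60-minute lifetime is the one from the question.

```javascript
// Added example: decide client-side when a JWT should be refreshed.
// Reading `exp` here is only a scheduling hint; the signature is NOT checked,
// so the server must still validate every token it receives.
const REFRESH_MARGIN_SECONDS = 5 * 60; // assumption: refresh 5 min before expiry

function base64UrlDecode(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  return atob(padded); // throws on input that is not valid base64
}

// Returns the payload claims, or null if the token is not a well-formed JWT.
function readClaims(token) {
  if (typeof token !== 'string') return null;
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  try {
    const claims = JSON.parse(base64UrlDecode(parts[1]));
    return claims !== null && typeof claims === 'object' ? claims : null;
  } catch (e) {
    return null; // bad base64 or bad JSON
  }
}

// Returns 'valid' (use as is), 'refresh' (ask the server for a new token now)
// or 'login' (expired or unreadable: the user must authenticate again).
function tokenAction(token, nowSeconds, margin = REFRESH_MARGIN_SECONDS) {
  const claims = readClaims(token);
  if (!claims || typeof claims.exp !== 'number') return 'login';
  if (nowSeconds >= claims.exp) return 'login';
  if (nowSeconds >= claims.exp - margin) return 'refresh';
  return 'valid';
}

// Constructed sample token with a placeholder signature, valid for 60 minutes.
function makeSampleToken(issuedAt) {
  const enc = (obj) =>
    btoa(JSON.stringify(obj))
      .replace(/\+/g, '-')
      .replace(/\//g, '_')
      .replace(/=+$/, '');
  const header = enc({ alg: 'HS256', typ: 'JWT' });
  const payload = enc({ sub: 'user-1', iat: issuedAt, exp: issuedAt + 3600 });
  return [header, payload, 'constructed-signature'].join('.');
}
```

A mobile client would run `tokenAction` when the app is opened or resumed and before API calls, so an active user keeps receiving fresh tokens while each individual token stays short-lived.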