JWT (JSON Web Token) automatic prolongation of expiration

一向 2020-11-22 10:56

I would like to implement JWT-based authentication to our new REST API. But since the expiration is set in the token, is it possible to automatically prolong it? I don't wa

12 answers
  •  没有蜡笔的小新
    2020-11-22 11:36

    How about this approach:

    • For every client request, the server compares the expirationTime of the token with (currentTime - lastAccessedTime)
    • If expirationTime < (currentTime - lastAccessedTime), it changes the lastAccessedTime to currentTime.
    • In case of inactivity on the browser for a time duration exceeding expirationTime or in case the browser window was closed and the expirationTime > (currentTime - lastAccessedTime), the server can then expire the token and ask the user to log in again.

    We don't require an additional endpoint for refreshing the token in this case. Would appreciate any feedback.
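
A server-side sliding idle timeout of the kind discussed in this answer, written as an added example that is not part of the original post. It assumes an HS256 token built with the standard library, an in-memory `last_accessed` map keyed by the token's `jti`, and constructed values for `SECRET`, `IDLE_WINDOW` and `MAX_LIFETIME`; the token's own `exp` acts as an absolute cap that activity cannot extend.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # constructed sample key, not from the page
IDLE_WINDOW = 900                 # assumed: seconds of inactivity allowed
MAX_LIFETIME = 8 * 3600           # assumed: absolute cap, carried in exp
last_accessed = {}                # jti -> lastAccessedTime (server-side state)

def b64e(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue(sub, jti, now):
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps({"sub": sub, "jti": jti, "exp": now + MAX_LIFETIME}).encode())
    last_accessed[jti] = now      # session starts at login time
    return f"{header}.{body}.{b64e(sign(header + '.' + body))}"

def check(token, now):
    """Return (ok, reason); slides lastAccessedTime forward on success."""
    try:
        header, body, sig = token.split(".")
        if not hmac.compare_digest(sign(header + "." + body), b64d(sig)):
            return False, "bad signature"
        if json.loads(b64d(header)).get("alg") != "HS256":
            return False, "unexpected alg"
        claims = json.loads(b64d(body))
    except ValueError:            # wrong part count, bad base64, bad JSON
        return False, "malformed"
    jti = claims.get("jti")
    if now >= claims.get("exp", 0):
        last_accessed.pop(jti, None)
        return False, "absolute expiry"
    seen = last_accessed.get(jti)
    if seen is None:
        return False, "unknown or revoked"
    if now - seen > IDLE_WINDOW:  # idle too long: drop the session
        del last_accessed[jti]
        return False, "idle timeout"
    last_accessed[jti] = now      # active client: extend the idle window
    return True, "ok"
```

Because every request consults `last_accessed`, the token is no longer validated statelessly; deleting a `jti` from the map also serves as revocation.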
