feat: Refresh Token for improved Session Security (#927)

* feat(api): refresh token logic * feat(client): refresh token logic * feat(data-provider): refresh token logic * fix: SSE uses esm * chore: add default refresh token expiry to AuthService, add message about env var not set when generating a token * chore: update scripts to more compatible bun methods, ran bun install again * chore: update env.example and playwright workflow with JWT_REFRESH_SECRET * chore: update breaking changes docs * chore: add timeout to url visit * chore: add default SESSION_EXPIRY in generateToken logic, add act script for testing github actions * fix(e2e): refresh automatically in development environment to pass e2e tests
2026-01-04 17:48:50 +01:00 · 2023-09-11 13:10:46 -04:00 · 2023-09-11 13:10:46 -04:00 · 33f087d38f
commit 33f087d38f
parent 75be9a3279
31 changed files with 420 additions and 232 deletions
--- a/e2e/playwright.config.ts
+++ b/e2e/playwright.config.ts
@ -11,7 +11,7 @@ export default defineConfig({
  /* Run tests in files in parallel.
  NOTE: This sometimes causes issues on Windows.
  Set to false if you experience issues running on a Windows machine. */
-  fullyParallel: true,
+  fullyParallel: false,
  /* Fail the build on CI if you accidentally left test.only in the source code. */
  forbidOnly: !!process.env.CI,
  /* Retry on CI only */
@ -62,7 +62,8 @@ export default defineConfig({
    env: {
      ...process.env,
      NODE_ENV: 'development',
-      SESSION_EXPIRY: '86400000',
+      SESSION_EXPIRY: '60000',
+      REFRESH_TOKEN_EXPIRY: '300000',
    },
  },
 });