Add option to disable refresh token invalidation (#6584)

* Add option to disable refresh token invalidation Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add integration tests and remove wrong todos Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix typo Signed-off-by: Jonas Franz <info@jonasfranz.software> * Fix tests and add documentation Signed-off-by: Jonas Franz <info@jonasfranz.software>
2025-11-04 08:30:25 +08:00 · 2019-04-12 09:50:21 +02:00
parent 3ff0a126e1
commit 783cd64927
6 changed files with 57 additions and 11 deletions
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -304,12 +304,14 @@ var (
 		Enable                     bool
 		AccessTokenExpirationTime  int64
 		RefreshTokenExpirationTime int64
+		InvalidateRefreshTokens    bool
 		JWTSecretBytes             []byte `ini:"-"`
 		JWTSecretBase64            string `ini:"JWT_SECRET"`
 	}{
 		Enable:                     true,
 		AccessTokenExpirationTime:  3600,
 		RefreshTokenExpirationTime: 730,
+		InvalidateRefreshTokens:    false,
 	}

 	U2F = struct {