Configuring expiration of auth tokens
If we try and perform an API call on our now protected endpoints with a valid token obtained from logging in with the token in the header, we will get an unauthorized error. If we insert some print
statements, we will get the following error when failing to decode the token:
missing required claim: exp
This implies that there is no field called exp
in our JwToken
struct. If we reference the jsonwebtoken
documentation at https://docs.rs/jsonwebtoken/latest/jsonwebtoken/fn.encode.html, we can see that the encode
instructions never mention exp
:
use serde::{Deserialize, Serialize}; use jsonwebtoken::{encode, Algorithm, Header, EncodingKey}; #[derive(Debug, Serialize, Deserialize)] struct Claims { sub: String, company: String } let my_claims = Claims { sub: "[email protected]".to_owned(), company: "ACME".to_owned() }; // my_claims is a struct that...