Doubt about delta

[DiegoOpenheimer]

when I use the validate method, it returns zero or -1, what does -1 mean, would -1 be a valid token? I appreciate if you can solve this doubt

[hectorm]

The delta value is related with two properties:

• Period: lifetime of a token in seconds.
• Window: search area of a token in the validation process. By default it has a value "1", that means that only the previous, current and next token is considered valid. The window is used because there is a possibility that the client and server do not have exactly the same time, so the token is searched with a margin.

Delta can have two values:

• Number: offset of the token to be validated from the current token. A negative value indicates that the token was generated in the past, zero that it is current and positive that it will be generated in the future. In this case the token should be considered valid.
• null: the token was not found in the specified window and should not be considered valid.

I hope I have solved your question, if not feel free to reopen the issue. Thanks!

[medemi68]

Can you add this to the documentation somewhere? Thanks for writing it here in the issue, but it would be better if it was in the documentation.

Essentially, if the delta returns anything but 0, it is not in the current window or not correct, right? Or is it only if it is null that its not correct?

[hectorm]

You should consider the token as invalid if delta is null, if delta is a number then the token exists in the specified window. I will clarify the documentation.