How to ignore ignoreExpiration for a specific endpoint?
Alwinator opened this issue · 1 comments
I am using NestJS with the passport-jwt Strategy and have set ignoreExpiration to false. However, is it possible to set it to true only for the JWT refresh endpoint? I thought of adding a custom annotation/decorator (@JWTIgnoreExpiration()) to my refresh endpoint, but I don't know how I can address ignoreExpiration then. Is this possible with passport-jwt?
Alternative would be to set ignoreExpiration to true and check it manually in a NestJS guard, however then I had to check the iat and exp by hand and not by the official jwtService.verify function.
I found a workaround: Add two passport-jwt strategies, one with ignoreExpiration true and one with false and then use the correct one on the refresh route using @UseGuards()