I am trying to understand a few things regarding implementing JWT authentication with Php-JWT and jquery.
-
I understand that I need to create a secret key that will get passed to the server. How do I create this key… is it something I decide and how long should the key be? Do I store this in a config file and retrieve when the user logs in?
-
I also understand that the server will send back a token after success and this will be stored locally. The token expiration should be short…how do I refresh this so the user dont have to log in again after say every hour?
Hope someone can help me.
Thanks!