Feature Request: Dynamic Method for Setting JWT Expiration Time

[aamra12]

Hi there,

I'm working on a multi-tenant application where each tenant has its own JWT expiration time. Currently, devise-jwt lacks a dynamic method to set the JWT expiration time based on runtime values. I'm looking to set the expiration time based on tenant-specific values.

Here's a snippet of what I'd like to achieve:

config.jwt do |jwt|
  jwt.secret = ....
  jwt.request_formats = ....
  jwt.dispatch_requests = ....
  jwt.expiration_time = TENANT_BASED_TIMEOUT  # Dynamically set based on the current tenant.
end

Is there a planned feature for this in an upcoming release? Alternatively, do you have a recommended workaround for this scenario?
Thanks for your help!

• Version of devise-jwt = 0.8.1
• Version of rails in use = 6.0.3.2
• Version of warden-jwt_auth in use = (~> 0.5)

[waiting-for-dev]

Given that's set in the configuration, it looks a bit tricky to implement. What would you need access to?

[aamra12]

I'm currently working on a feature where the JWT expiration_time is determined by a value stored in our database, allowing for dynamic token expiration periods based on specific criteria or user settings.
However, I've encountered a challenge when trying to set this dynamic value within the ruby devise.rb initializer:

 ...
 jwt.expiration_time = MyDatabaseModel.retrieve_expiration_time
 ...
 end 

The method MyDatabaseModel.retrieve_expiration_time is intended to pull the expiration_time from the database. Given the nature of initializers, it seems I'm running into challenges with this dynamic assignment.

I was wondering if there's an established pattern or recommendation for achieving this with devise-jwt? If not, please suggest a approach that you consider would be best for this approach.
Thank you for your time and for the great work on this gem!

[waiting-for-dev]

Not sure, but maybe you can set it in a Rails.application.config.to_prepare block?