Jwt-refresh does not work in account verification grace period

[Bruno Aníbal Prieto González]

Hi! Thanks to the creator of the rodauth-rails gem I realized that jwt-refresh does not work when the user does not verify the account yet, even if the verify_account_grace_period feature is enabled. Is there a way to make this work? I'm interested in keeping users who just signed up authenticated in my mobile app and not having to ask them to log in again.

From what I understood, jwt_refresh is only working on accounts that are already verified, not the ones that still have the grace period. Despite that, the login path works fine when verify_account_grace_period is enabled.

Thank you very much in advance

[Jeremy Evans]

On Wed, Sep 22, 2021 at 11:53 PM Bruno Aníbal Prieto González <bruno...@gmail.com> wrote:

Hi! Thanks to the creator of the rodauth-rails gem I realized that jwt-refresh does not work when the user does not verify the account yet, even if the verify_account_grace_period feature is enabled. Is there a way to make this work? I'm interested in keeping users who just signed up authenticated in my mobile app and not having to ask them to log in again.

From what I understood, jwt_refresh is only working on accounts that are already verified, not the ones that still have the grace period. Despite that, the login path works fine when verify_account_grace_period is enabled.

Thanks for the report.  I looked into this and agree that it is a bug that should be fixed.  I've committed a fix: https://github.com/jeremyevans/rodauth/commit/492d1bef118ccb3c48678147658cf27165882f10

Thanks,

Jeremy

[Bruno Aníbal Prieto González]

Thanks!

> --
> You received this message because you are subscribed to the Google Groups
> "Rodauth" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to rodauth+u...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/rodauth/CADGZSSd0ZK6fvjZ6C0bOJ2JM6yrX3%2BaN8fjTGDbcjadEfiSfKw%40mail.gmail.com.
>