Skip to main content

important

This is a contributors guide and NOT a user guide. Please visit these docs if you are using or evaluating SuperTokens.

Use long expiration times instead of non-expiring tokens

Status

This is just a proposal so far, it hasn't been accepted and needs further discussion.

Status:: proposed
Deciders:: rishabhpoddar, porcellus
Proposed by:: porcellus
Created:: 2023-05-11

Context and Problem Statement#

In some M2M use-cases the user may require a token to never expire.

Considered Options#

Recommend long expiration times instead of non-expiring tokens
Set the expiration time to null for non-expiring tokens

Decision Outcome#

Chosen option: Recommend long expiration times instead of non-expiring tokens

Simpler
Harder to make a mistake (from the point of view of the user)

Pros and Cons of the Options#

Recommend long expiration times instead of non-expiring tokens#

Very explicit/descriptive solution

Simpler

Technically no way to set it to never expire

Set the expiration time to null for non-expiring tokens#

Explicitly supports the requirement

Complicates implementation

Creates a difference between `null` and `undefined` on the API

Context and Problem Statement
Considered Options
Decision Outcome
Pros and Cons of the Options
- Recommend long expiration times instead of non-expiring tokens
- Set the expiration time to null for non-expiring tokens