Laravel sanctum: should we limit the token life?

Hello,

I'm wondering when using Laravel Sanctum if it is better to limit the token life for more security !

If yes (30 min) does the user required to post his user name and password every 30 minutes?

Thanks

krisi_gjika

2 years ago

Level 14

you can overwrite the validity check to check against the last_used_at column instead. So rather than: created_at + config('sanctum.valid_for') <= now() check last_used_at + config('sanctum.valid_for') <= now()

DhPandya

2 years ago

Level 12

This can be helpful. https://laravel.com/docs/10.x/sanctum#token-expiration

Please or to participate in this conversation.