Is "JWT authentication with Vaadin Flow" still working?

Hey @Matti I posted this question on your blog post a week ago. Didn’t see a response. Reposting here in case that’s better.

Hey Matti, thanks for this article. Just wanted to check: Is this still working for you? I’ve tried implementing it in 2 projects, exactly as you have described, and it has never worked for me, at least not for more an an hour or so. Every day when I open my site, I must log in again. I figure I need to dive into learning more about sessions and how to test them, but figured I just check in with you before I go down that path. Are you still using the same method? Has it changed or updated in the last 2 years at all?

Thanks!

Did you configured the expiration for the JWT token?

VaadinWebSecurity.setStatelessAuthentication sets 1800 seconds by default, but there is an override that allows the developer to specify a custom value

1 Like

No. That was one of the things I was planning to look at. I’ll try that now and report back.

Thanks!

Seems to be working. By the way, as soon as I googled VaadinWebSecurity.setStatelessAuthentication I found the section on JWT Expiration “hidden” in the Hilla documentation.

Excellent that you got that solved! For some reason I don’t get proper notifications from our blog comments and now nobody pushed me internally to answer :nerd_face: They are trying to move those discussions to use this same new forum now, maybe related to that…

2 Likes

Time to tackle your marketing to cross post new blog post here :wink:

2 Likes