I am able to generate the token and validate it.
Now, I come across a scenario: How can I keep the active user's token refresh everytime it send request to server? Rather than suddenly logout them out after the default token's expiration time.
As per lcobucci suggestion, regenerate the token in every request make by the user. Meaning the Web/MobileApp have to update the new token in local which return from API in each request?
Any other suggestion/approach I should look into?
I am using it for Mobile and Web apps.
Thanks
