Hi @Toby
I'm merrily authenticating in a 3rd party CMS using the lovely JSON API you've provided - thanks for making things simple 🙂
The TL;DR version of this post is: would it be possible to pass a third parameter to control the time of the token so we can increase it to something more inline with the normal forum login routine?
I'd like to tie in the two login systems to see if I can build a little comments module for the CMS in question using Flarum topics for the actual comments to keep things nice and social across the site.
I see that I can simply access the flarum_remember cookie if the user has been to the forums, which is nice as I can read that easy enough to save the user logging in again, and I see the corresponding entry in the access_tokens table. I also see that authenticating using the JSON API adds the token to that table - so far so good.
I have a scenario in mind where a user logs into the forums, posts, logs out and then a few days later goes to post through my theoretical comments system on the main site. They would encounter a login form to comment there but then the API authentication token is only generated for an hour, so if the site were really busy that user's token could expire before they've finished browsing around and commenting. So would it be possible to pass a third parameter to control the time of the token so we can increase it to something more inline with the normal forum login routine?
Thanks again!
