TOKEN_TTL infinite/ no expiry

[Eshwar0601]

how to setup durin such that TOKEN_TTL never expires ?

[eshaan7]

I think you could make the token_ttl value about 5-10 years or even more for such an use case.

PS. A never expiring token is generally a bad security strategy. I'd recommend a shorter token lifetime with periodic calls to refresh_token API view to either refresh the expiry or replace with new token.

[Abishek05]

@eshaan7 Do you think it's a bad idea to use this library for a use case where we have to provide an API key for all the users in the system. A part of the requirement is to make this API key not to expire.

[eshaan7]

@Abhishek05,

I assume you want the ability to have multiple tokens per user and that's why you stumbled upon this library? Otherwise, you can probably just use the default token mechanism inbuilt into django rest framework.

I'd say that this library does solves the use case of issuing such tokens to users which do not conflict with each other. This can be achieved by just creating another Client instance and issuing tokens against it. The only caveat is token_ttl cannot be set to a value like "no expiry", to achieve that you can make the TTL 15+ years and it should work fine.