How to prolong token expire date after each request(i use WebApi bearer token)

Question

The problem:

• I have ASP WebApi 2 with default Asp identity(bearer)
• Client platforms - Ios,Android,WinPhone and Web

Expire date for Ios,Android,WinPhone must be 1 year, but for Web - 5 minuts, and expire date must prolong after each user activity

Each request can contains PlatformType(or other info)

How prolong token expire date after each user activity?

Answer 1

You should use a Refresh Token when your main token has expired. This refresh token can have an expiration date of many days, your choice.

RefreshTokenProvider = new AuthenticationTokenProvider()
            {
                OnCreate = (obj) =>
                {
                    obj.Ticket.Properties.ExpiresUtc = DateTime.UtcNow.AddMonths(6);
                    obj.SetToken(obj.SerializeTicket());
                },
                OnReceive = (obj) => { obj.DeserializeTicket(obj.Token); }
            },