Magic Link Expiry
Hi there.
When it comes to the expiry of a magic link we noticed that it is set 2h behind. Now we have our DB hosted in the UK (MongoDB) and work in. South Africa.
Are the expiry dates of these tokens based on the DB time or server time? Essentially when working locally we have a our server obviously booted on a SA timezone. So just trying to understand where this behavior comes in?
Thanks
4 Replies
hmm ... ig the expiration will be based on server time (which is gonna be UTC) for most cases and South Africa is UTC + 2:00. thats why there is diff on that
So we saying that if you boot up server locally is it hard coded to UTC?
Expiry is based on UTC both when the token is generated and when it's validated. It doesn’t depend on your server's local timezone or your database’s regional hosting. So regardless of whether you're running your server locally in South Africa or deploying it to production with a DB hosted in the UK, the expiry logic always uses UTC internally. If you’re seeing a 2-hour offset, it’s likely due to how timestamps are being displayed (eg. being shown in local time rather than UTC) rather than how expiry is calculated.
Hmmm the behavior that we see though is that they are not able to login due to the token being 'expired". Is there a way this can be debugged or shown so we can get a better idea of the validation side of things? Or are you 100% convinced that this would not be the issue? We extended the tokens expiry to 6h and it resolved the issue. So interested to know what could be the cause.