I’m building an authentication API using Phoenix, Guardian and Bcrypt, but I’m having an issue with the time present on the tokens generated by Guardian. At the same time the token was generated, my validation on the front-end was saying that the token was already expired.
To investigate, I headed to jwt.io and decoded the token that I was receiving, and saw that both the
iat (issued at) and
exp (expiration time) were more than 3 hours behind the time when the token was generated.
However, I noticed that if I verify this token on the same API right after generating it, it says the token is valid. That probably means that my entire Phoenix app is using the wrong time. Is there a way to fix that?