From 744f5be2a4b480f75ad62597024c949e98af53c1 Mon Sep 17 00:00:00 2001
From: Matthew Dillon <matthewrdillon@gmail.com>
Date: Mon, 19 Oct 2015 13:34:29 -0700
Subject: [PATCH] Refresh token notes

---
 app/authenticators/jwt-resolved.js | 1 +
 config/environment.js              | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/authenticators/jwt-resolved.js b/app/authenticators/jwt-resolved.js
index a6884ec..1417236 100644
--- a/app/authenticators/jwt-resolved.js
+++ b/app/authenticators/jwt-resolved.js
@@ -1,3 +1,4 @@
+// Note: this is here for user lockout authentication
 import Ember from 'ember';
 import JwtTokenAuthenticator from 'simple-auth-token/authenticators/jwt';
 
diff --git a/config/environment.js b/config/environment.js
index 066e82f..d03d0ff 100644
--- a/config/environment.js
+++ b/config/environment.js
@@ -28,8 +28,8 @@ module.exports = function(environment) {
       authorizationPrefix: 'Bearer ',
       authorizationHeaderName: 'Authorization',
       refreshAccessTokens: true,
-      timeFactor: 1000,
-      refreshLeeway: 300,
+      timeFactor: 1000, // 1000 ms/s; JWT returned in unix time seconds
+      refreshLeeway: 1800, // (60 s/min) * (30 min) = 1800 s
     },
     contentSecurityPolicy: {
       'default-src': "'none'",