/**
* Check the token in the refresh flow context.
*
* @param array $payload
*
* @throws \Tymon\JWTAuth\Exceptions\TokenExpiredException
*
* @return bool
*/
protected function validateRefresh(array $payload)
{
if (isset($payload['iat']) && Utils::isPast($payload['iat'] + $this->refreshTTL * 60)) {
throw new TokenExpiredException('Token has expired and can no longer be refreshed');
}
return true;
}
