Implement token-based authentication

Asked 1 years ago, Updated 1 years ago, 80 views

Hello.

We are currently designing an api server.

We're implementing token-based authentication.

When I certify it, I return both the jwt token and the refresh token.

Authentication logic is that if a request is made to a resource that requires authorization, when the token expires

Is it correct to return a specific response code and make it recognized in the cla and request it with url, which renews the token itself using the refresh token from the cla storage side, get a new access token, and then request it back to the resource that needed authorization for the original purpose?

Also, the expiration time of the current certification token is about 30 minutes, but I wonder how long the expiration time of the refresh token itself is usually!

I'd appreciate your help!

token

2022-09-22 21:10

1 Answers

I designed it with accessToken and refreshToken. I used the following structure.

AccessToken expired in one day. The refreshToken expired in 30 days.

2022-09-22 21:10

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

641 When building Fast API+Uvicorn environment with PyInstaller, console=False results in an error

545 Who developed the "avformat-59.dll" that comes with FFmpeg?

538 PHP ssh2_scp_send fails to send files as intended

539 rails db:create error: Could not find mysql2-0.5.4 in any of the sources

539 Understanding How to Configure Google API Key

© 2024 OneMinuteCode. All rights reserved.