วีดีโอ

What is your theme vs code?

Nice tutorial. I'm new to Nestjs. there arre somethings im wondering. the strategy receive the token from request and verify it. if token valid return the payload wich was signed. so is it neccessary to check if the user existed in the auth service

Great! I like your contnet please make an advanced course ! (comming from freecodecamp course)

Very clear! Thank you!

50018 Kerluke Cove

Kling Mountains

Considine Road

Thank you, it was an incredible tutorial

Very good tutorial!

Wow, that's great.

I have .env and .env.test each with a DATABASE_URL. I then give the database to Prisma using env(DATABASE_URL). The Databases are running but not using Docker. When I run "prisma migrate dev" will the migrations between the two databases get mixed up or will Prisma know which database it did changes to? I'm worried that I could wipe my development database somehow and lose all the data.

Just a note for anyone following along: the refresh service method doesn't work as intended. When you send a refresh token to /refresh you get new access and refresh tokens. However, if you continue to send the same refresh token to /refresh it will accept it even though the refresh token has obviously changed. The reason is because bcrypt only accepts strings up to 72 characters, and when changing refresh tokens those first 72 characters will remain the same and so the compare function will always return true.

Hi vlad, how you handle or invalidated access token after logout? I have try overwrite the access token and refresh token to be expiring after a few second but it seems like does not have effect on it.

Is there any reason why you don't use passport local?

Massive thanks for this wonderful video. You saved me days! Vlad, I wish you to thrive in your career :)

Vlad aka darslariz juda zo'r (from Uzbekistan)

27:30

Coming across these new libararies and tech seems overwhelming and u sir took that uneasiness away. Thankful!

Vlad we need you back! Best nestjs youtuber out there

First I used Fetch API for fetching data from JSON to HTML however the things gets complicated I used Axios as my main API for fetch data from client and MariaDB together with Express. Express and Axios is the best combo to deal with data fetching and saves more time.

I would love to see you look at Remult

You came here and wondering is it worth watching this video? Absolutely! Thanks, Vlad!

1:00:00

Низкий тебе поклон, чувак. Спасибо!) Твоё видео это та самая жемчужина на просторах интернета

I started writing out the XMLHttpRequest. No libraries needed. It's just as easy, IMHO.

But in this scenario, when an access token expires and we call the refresh endpoint, we're updating both tokens. Given this situation, the refresh token expiration wouldn't make sense, right?

200 - u said TWO OW OW ? timecode - 1:10:15

Nice video but the refresh strategy you have used in the video seems wrong. anyone who stole the refresh token can always brought new access token & refresh token. you can try sending multiple requests to the /refresh route it always brings the data. but in reality, it should work once.

not working for me, database connection issue, cant listen error from db, pls help

Thank you Vlad!

me recognizing the errors before vlad does proves i m getting better😂 thanks for the explanation tho i needed this

Thanks for the great tutorial. I got a question, what is the point of sending and generating a new refresh token each time we need to refresh an access token? We supposed to have the same refresh token for the whole period of time and when it is expired the use has to sign in again, am I not right?

It seems to me that it would be better to pass the refresh token to the HttpOnly cookie and write a custom ExtractJwt to get it from the request. It is a pity that I have not yet found anything more or less understandable on this topic on the Internet

what are the downsides of jwt token

Prisma part confused me, as I'm a beginner I started with typeorm

I'm so confuse, you create a refresh controller but where it can be use? there's no a function that whenever generate a new token it will check verify first the refresh token?

TypeError: this[modelKey].deleteMany is not a function 31 | ); 32 | // console.log(models.); > 33 | return Promise.all(models.map((modelKey) => this[modelKey].deleteMany())); | ^ 34 | } 35 | }

Been using async await fetch for a good while, I'll try axios for my next project.

Awesome video.

Thanks a lot. Very nice 🔥🔥

the update many was deleting all the rt token of all the user so he tests if the rf is not null

Thank for the course, i did all with you, i have a question, why don't delete de hast to, when do a logout???

Thank you, was struggling with the NameCheap Host entry part. (Just as you mentioned, everyone does this wrong. haha!) Also other parts of this tutorial got me over the finish line! Had done this process before entirely in AWS but new to using external domains.

Vlad, loved your video on NextJS on Free code camp. Thank you. Really appreciate it.

Thank you, very nice tutorial, i'll try to implement this with redis too. Sorry for my english and thank you again.

I purchased your nestjs essentials course but now page is not opening error occurred 403 forbidden. Please fix this soon I really enjoyed your lectures

Log out not working unauthorized? I think the default guard is making an issue

Hooks can be used in redux. How to use it with redux

one of the best videos in authentication using refresh tokens

Can't believe I made it all the way to the end!! Thanks so much.