Good explanation. For the refresh token, I think its better to store it in a http-only cookie. Its secure -> no access for attackers via javascript. With the refresh call the refresh token is automatically sent to the backend. Holding the refresh token in the angular app / browser is not necessary and insecure. Stealing the refresh token give attackers long access to the system. Acces tokens normally have a short lifetime 5 minutes for example.
after implementation of interceptor, login api will also need token right? currently i am getting error for this so how can we avoid login api to go through interceptor cause its showing error that Cannot read properties of undefined (reading 'token')
Thank you Very much for the detailed explanation. Hi Sir, I am using Google IDP with implicit flow, How can I get a refresh token? silent-renew is not working.
if we use subjects n every component then when we emit its value all the components will subscribe it and calls unnecessary api's for eg i have 2 component dasboard and profile when i go to dashboard my api's give 401 then i call my refresh token and emit the subject value then my profile component will also subscribe it and calls the api which is not necessary and if i perform some action on button click and that api return 401 then how we will handle it
can you share your jwt refresh and token api source code? I created mine but isn't returning an object like yours....wanna see if am in a right directions.
Hi sir at 34:00 video when i use router to navigate link to one component it success but when i reload page in that component (example: your component 'localhost:3005/dashboard') it error pages loading not show api not show error message hope you can help me.
![เป็นไปได้ไหม - WanMai [Performance Video]](http://i.ytimg.com/vi/Eh5hItD4Mr0/mqdefault.jpg)
15:00 capture login tokens
28:19 for interceptors to make fetch calls
35:29 for refresh expired token
Good explanation. its better that, If share as video the APIs generation , for full stack knowledge
Ok will try in next video
Very Nice video, thanks for helping with nice videos.
Good explanation. For the refresh token, I think its better to store it in a http-only cookie. Its secure -> no access for attackers via javascript. With the refresh call the refresh token is automatically sent to the backend. Holding the refresh token in the angular app / browser is not necessary and insecure. Stealing the refresh token give attackers long access to the system. Acces tokens normally have a short lifetime 5 minutes for example.
Correct.
Very innovative
Thanks
superb vedio bro thanks
What's the point of using a refresh_token if it's next to an access_token? In this case, if the access token leaks, then along with the refresh token.
great content
after implementation of interceptor, login api will also need token right? currently i am getting error for this so how can we avoid login api to go through interceptor cause its showing error that Cannot read properties of undefined (reading 'token')
is it best practice to return the refresh token in the response ?
when multiple api request at the same time and in one api request token is expired how to implement in this senerio refresh token and jwt token .
Thank you Very much for the detailed explanation. Hi Sir, I am using Google IDP with implicit flow, How can I get a refresh token? silent-renew is not working.
Is this the same approach normally industry follow means using interceptor
Yes interceptor is the best way to handle this
Very nice sir
If you have a stand alone based application in angular 17 you don't have an app.module, how do you configure the interceptor then?
in the imports from app.component.ts
plz teach angular and nestJs togehter
Great tutorial
if we use subjects n every component then when we emit its value all the components will subscribe it and calls unnecessary api's for eg i have 2 component dasboard and profile when i go to dashboard my api's give 401 then i call my refresh token and emit the subject value then my profile component will also subscribe it and calls the api which is not necessary and if i perform some action on button click and that api return 401 then how we will handle it
No at a time whatever component is loaded in dom that's subject subscribe will execute
great video +1 like
Thanks
Sir the same way we can implement Jwt, refresh token in realtime project also
Yes
can you share your jwt refresh and token api source code? I created mine but isn't returning an object like yours....wanna see if am in a right directions.
Please connect on LinkedIn
thanks alot for the excellent content. Keep it up.
Welcome keep watching
please add oauth2 in angular.
Yes will soon create this one too
@@LearningPartnerDigital thanks
very nice sir can you please share api for this app?
freeapi.miniprojectideas.com/index.html
onLogin and refreshToken api giving cors error.
Please run angular project on 3006 port
Sir, could you please provide api code user in this video?
Hi sir at 34:00 video when i use router to navigate link to one component it success but when i reload page in that component (example: your component 'localhost:3005/dashboard') it error pages loading not show api not show error message hope you can help me.
Sorry but not clear.
Can u connect on LinkedIn n share error image
cool
onLogin api showing (Cors issue)
run project on 3005 port
@@LearningPartnerDigital
Sir instead of 4200 I need to run on 3005
@@LearningPartnerDigital thank you sir
@@vikashbanoriya142 on 3005 you should get response. It's allowed on same port make sure url is correct
thx man
Have you implemented this in your project and it's working fine??
not yet@@AnkitTiwari-qt5ds