It's a great comment. Web development means two things - ORM and API consumption, but not making counters and creating useless functions like console.log
Can you create a video that shows how to implement RefreshToken and save it in a SQL Server database table ? I know you skimped over it in this video. Thank you for the videos on tokens so far. I am following your videos closely, so I can get this right in the real world.
I'm actually having a hard time wrapping my head around transferring the refresh token (cookie) from the server to an Angular client, then that same client sending the same cookie back to the server during a "refresh token" call, without explicitly sending stringified values through REST, rather leaving them as cookies. I know in Angular's auth.service, a string is returned (the jwt value etc), but is the cookie also there and parseable somewhere? Thanks
Cookie with SPA not working in just case... Backend (C#, Node.js, etc) return a access token and refresh token... And after this?? Well, only my opinion... Access token is not saved in database... Why refresh token is saved in database?? The security is in block or not the user in user table, not in create a table to insert the refresh token with user id and check out this...
Hello Patrick! thanks for the videos. I watched all of ur JWT token videos and i wanna ask question. Jwt token works fine in my application, but i get 'invalid token' error on jwt debugger even i use secret key??
Hi. Sorry if this a stupid question, but from client app when shall I make a request to refresh token endpoint? When I start the client app and notice that the current token is expired? Thanks
refresh tokens and the access token is created together while authenticated by server , behind the scene the refresh token is already kept in a safe place by the server so when access token is about to expire it automatically allows users to continue his use smoothly without re-login so there is no logic to make a request for refresh token while already entering inside the system its already set in the backend to check the expiry of the access token and replace it in the desired , so far user don't feel anything until the refresh token is expired
No, the app would request a refresh token within the 7 days. If this doesn't happen, e.g., the app wasn't used during this period then the user would have to login again
![ILLSLICK X YOUNGOHM - We're The same [Official Video]](http://i.ytimg.com/vi/yUJNkobYR0E/mqdefault.jpg)
I wish there is a database saving --so it's not only the "idea" we know but the actual usage as well.. i appreciate all your video.. very helpful!
And with identity!
Thanks for the feedback. I added it to my backlog. Complete authentication with a database would definitely be a great tutorial. 😊
@@PatrickGod We're waiting
It's a great comment. Web development means two things - ORM and API consumption, but not making counters and creating useless functions like console.log
Hey Patrick, are you thinking about making a tutorial of a mobile app usage of this API ? With for example /get authenticated user profile.
Could you please push this changes in the repo?
I would love to see you implement a polly retry to automate the refresh token
you can use a custom middleware here.
Can you create a video that shows how to implement RefreshToken and save it in a SQL Server database table ? I know you skimped over it in this video. Thank you for the videos on tokens so far. I am following your videos closely, so I can get this right in the real world.
I'm actually having a hard time wrapping my head around transferring the refresh token (cookie) from the server to an Angular client, then that same client sending the same cookie back to the server during a "refresh token" call, without explicitly sending stringified values through REST, rather leaving them as cookies. I know in Angular's auth.service, a string is returned (the jwt value etc), but is the cookie also there and parseable somewhere? Thanks
Hey patrick using this jwt token, authenticate in blazor please upload a video on it
How do you set up https on iis internal use only
Cookie with SPA not working in just case... Backend (C#, Node.js, etc) return a access token and refresh token... And after this?? Well, only my opinion... Access token is not saved in database... Why refresh token is saved in database?? The security is in block or not the user in user table, not in create a table to insert the refresh token with user id and check out this...
Hello Patrick! thanks for the videos. I watched all of ur JWT token videos and i wanna ask question. Jwt token works fine in my application, but i get 'invalid token' error on jwt debugger even i use secret key??
Hi. Sorry if this a stupid question, but from client app when shall I make a request to refresh token endpoint? When I start the client app and notice that the current token is expired? Thanks
refresh tokens and the access token is created together while authenticated by server , behind the scene the refresh token is already kept in a safe place by the server so when access token is about to expire it automatically allows users to continue his use smoothly without re-login so there is no logic to make a request for refresh token while already entering inside the system its already set in the backend to check the expiry of the access token and replace it in the desired , so far user don't feel anything until the refresh token is expired
And now we have an issue with CORS because of Cookies)
If your UI try to call RefreshToken endpoint it will get an Error.
The github code is not updated
i have completed full series of 4 videos. i have bit confusion. if i used this webapi in mobile application every 7 day user have to login again ??
No, the app would request a refresh token within the 7 days. If this doesn't happen, e.g., the app wasn't used during this period then the user would have to login again
your last name suits you!
That is very kind of you. Thanks! 😊
Try to make keycloak
56