1.store refreshToken=>token in redis db in server (if we can store in redis server will that cache remain alive till the refresh_token remains alive -like for 2-3 days or even a week)
2.whenever server recieves an expired token, it verfies the expired token from that mapping in no.1 and sends a new token to the client
3.I can store refreshToken in a cookie with better security like {sameSite} {httpOnly} {secured} and send it to server in every request from client
please correct me if this understanding is wrong, thank you
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
thank you for your response,
1.store refreshToken=>token in redis db in server (if we can store in redis server will that cache remain alive till the refresh_token remains alive -like for 2-3 days or even a week)
2.whenever server recieves an expired token, it verfies the expired token from that mapping in no.1 and sends a new token to the client
3.I can store refreshToken in a cookie with better security like {sameSite} {httpOnly} {secured} and send it to server in every request from client
please correct me if this understanding is wrong, thank you