Комментарии:
the best channel for .Net Developers :)
Ответитьokay, I have a question here, why in the refresh token endpoint u're generating a new refreshtoken What is the point, I mean why?
isn't it supposed that refresh tooken generate a new access token, and that's it?
Thank you for ur video and also medium articles really helpful
Nice 😊
ОтветитьHow call Refresh Toker method
ОтветитьJust wanna say thank you! Love your content. You're a great teacher. Even purchased your course. <3
Ответитьhi Patrick ! how do i revoke a token?
ОтветитьPlease use white background.
ОтветитьWhen requesting new Token, you are re-generating refresh token with new expiration date doesn't that mean it will never expires as long as client asking for new token? is this intended behavior?
ОтветитьGreat video and thanks a lot Patrick. Just wanted to know how to implement a logout api and destroy the jwt and refresh tokens.
ОтветитьHello!Thanks for the video!Could you also show how Logout method can be provided?
ОтветитьThak you!!
ОтветитьSencacional obrigado pelo vídeo meu amigo, me ajudou muito, tenho muitas dúvidas na implementação desses recursos.
Ответитьhow JWT logout !!
ОтветитьThanks for sharing Patrick!
May i ask, wouldn't it be better to send the refresh token as a json response, thinking that the receiver might not handle cookies?
These four JWT videos were pretty quick tutorial, thank you Patrick. now, time to deep dive and implement best practices :3
ОтветитьHi @Patrick God - I am getting error at line Request.Cookie["refreshToken"]. Error Message: "IFeatures Collection has been disposed, object Name : Collection"
ОтветитьThe first time you authenticate you provide a username an password (or clientid and secret). And if the information provided by the user is valid, then a response contains a short-lived access token along with a long-lived refresh token gets generated.
The refresh token is not an access token it is just an identifier for the access token. Now once the access token is expired, the user can use the refresh token to obtain another short-lived access token and so on. So you don't need to provide username and password when the short-lived access token expires (e.g. after 30 minutes) each time. Only if the refresh token expires (e.g. after 24 hours) you need to provide a username and password to authenticate and get a new short-lived access token and refresh toiken.
nice video. One thing Should the refresh token expiration date be the same as the JWT token expiration date?
ОтветитьGenial muchas gracias.
ОтветитьThis series was absolutely amazing man, thank you. I appreciated the fact that you kept things simple and not wasting time with things we already know.
ОтветитьHi @patrik God please make a video that how we connect this all register login and refresh token with the database
ОтветитьIf I secretly intercept the refreshToken, can I keep generating the token secretly? What is the meaning of the token?
ОтветитьHi Patrick, can you do a video of the integration in the frontend whit this Login?
ОтветитьHi Patric,
can you please share links to the first videos in this series ?
thanks
does your skillshare video contains how to make the frontend part?
ОтветитьAnother great session, thanks Patrick!
ОтветитьI have a slight challenge (okey a bit more than a "slight challenge") about how the refresh token is triggered.
I understand that when the authorization token is expired you can use the refresh token to authenticate to get a new valid (unexpired) authentication token.
But from a web client how would that look?
Ie. what happens when the web client opens a page - the authentication token fail due to expired token... what then? (I don't see any "automagic" that call the RefreshToken endpoint)
Any hints on how it work is greatly appreciated.
Do you have any books? I like your style but im more into reading than watching videos.
Ответитьwhat if you have multiple roles, how would you do it in claims ?
ОтветитьHello Patrick, thank you for all the videos, I also bought your course on identity, just want to ask if you could create an example on reporting, any way you want, how do I create or use report tools on blazor, thank you 🙏🏼
ОтветитьHi Patrick, will you Update the course in Udimy also I'm already enrolled there, you know we have complete e-commerce project there
ОтветитьIt is better to write refresh token in local storage and send it to the refresh-token action every time is needed. Also we should create a table for user tokens and add user tokens in it because a user can have multi tokens and user tokens table primary key is refresh token GUID.
ОтветитьThanks for the JWT videos, This is the best explanation I have seen
ОтветитьPatrick, if i use authorize role how to i add or custume error message n?
ОтветитьGreat stuff, thanks 👍
ОтветитьThanks, and for disable or invalidate token before expire ?
ОтветитьSir , Please give me answer , Why do we use refresh token ? What are the advantages?
ОтветитьWhat are the links to the first 2 parts ? There are a few videos on this topic. Thanks.
ОтветитьWhy do we use refresh token what's the purpose of it
Ответить