Комментарии:
`${process.env.jwt_secret}` is incorrect solution because it cause empty string as secret ;)
ОтветитьHello Sir, for /refresh API I can not pass the token via body it's asking for the user name what is the issue. @UseGuards(RefreshJwtAuthGuard)
@Post("/refresh")
async refreshToken(@Request() req: any) {
//console.log(req.user);
return await this.authService.refreshToken(req.user);
}
I really like how you teach these series ! Please build more authenticate and authorization NestJS app with key cloak 💥💥
ОтветитьGreetings from Brazil, amazing tutorial, helped me a lot!
Ответитьthnks dude! such a great video! i've learning so much w/ this!. Greetings from Brazil!
ОтветитьIt would be great if you upload a video on integrating microservice with Nest.js using Kafka. Thanks!
ОтветитьI saw refresh token and access token have same payload, I think refresh token can be access main jwt authguard too? referesh token was too waste. i've googling referesh token concept but nothing. you can create token and refresh token with same payload but the secret key must be different
ОтветитьThank you for this video! It was of great help for me.
Ответитьwhere and how we can store logged in user imformation like email, user_id, and role for further uses
ОтветитьYou created JwtStrategy class and defined that in auth provider and you don't used from that. why?
ОтветитьThank you very much!!!
ОтветитьThank you for this! I m looking forward to the TypeORM tutorials for NestJS. :D
ОтветитьI am stuck here. My refresh token is always coming without the payload encoded. I noticed that the the user passed to the refreshToken function seems to be empty. But when I use console.log(user), I can see the data. But when I try to use the data to populate the payload, the payload is always empty as if it cannot read any of the user properties. What is going on? Please note that I also checked the newly generated AccessToken that you produced, and it seems it is having the same issue
Ответитьgood
ОтветитьCould you complete this by adding simple roles?
Ответитьwhere does passport compare that payload is correct?, i mean if you decode jwt from bearer header, you should see if payload is correct.
ОтветитьEveryone writes guides about jwt token so cool, but no one wrote down what to do if an attacker stole a refreshToken
ОтветитьCan you prepare a dockerize tutorial that simulates dev and prod environment? Thames 👌
Ответить