Question about refresh /access token
Hi, for a middleware, whats the best approach to renewing access/refresh token?
1) Is is better to check if access token is expired in middleware and if so, check refresh token and its valid simply pass the new access/fresh via http cooki
2) Or use client/server side interaction- middleware only checks for access token. If request fails, the client send a request to /refresh and this route validates the refresh token, if valid it sends new refresh/access token to client. Client reattempts original request to server.
1) Is is better to check if access token is expired in middleware and if so, check refresh token and its valid simply pass the new access/fresh via http cooki
2) Or use client/server side interaction- middleware only checks for access token. If request fails, the client send a request to /refresh and this route validates the refresh token, if valid it sends new refresh/access token to client. Client reattempts original request to server.
Similar Threads
Was this page helpful?
