Why does JWT set 2 tokens?

It is found that when many people on the Internet use JWT, they set 2 tokens: access_token and refresh_token. The access_token expires in 2 hours, and the refresh_token expires in 7 days. If the access_token expires but the refresh_token has not expired, a new access_token will be generated. If the refresh_token expires, the user is asked to log in again.

I wonder if you can just set one token to expire in 7 days. It is said that setting 2 tokens is more secure, but if someone can get one of your tokens, he will definitely get the other. Or is it necessary to set up 2 tokens for some special scenarios? I hope that experienced people can help answer this question!

Thank you!

Jun. 22, 2021

This question has a lot of posts, but it is really not very clear. As far as I understand it, the emergence of the refresh token is entirely a response to the scenario in which the access token is stored on the client: the access token is stored on the client, where it may be leaked, so the authorization server generally gives the access token a shorter expiration time. Once it expires (for example, two hours later), the user would be required to log in again, which is not a good user experience at all. Hence the refresh token, which is generally stored directly on the server, and its function is to retrieve a new access token after the access token expires, reducing how often users have to log back in.

If the refresh token is not on the client, how can the client let the server know that it once owned this refresh token?

For security reasons, the refresh_token is only exchanged between the party requesting the resource and the authentication party in order to obtain a new access_token, while the access_token, besides those two servers, is also sent to the resource provider (resource server) to request resources, which inevitably increases the security risk.
