.NET 6 Web API Create Refresh Tokens - JSON Web Tokens (JWT)

hey bro, just wanna say i passed my semester like around a year ago because of your youtube videos lmaooo. you're the man!

OmesaHD

Thanks Mohammad, exactly what I just asked for in the comments of your video where you setup the access_token logic.

ttncmok

Thank you for putting videos out like this. Much appreciated.

kenneth

Appreciate the effort here, refresh token fully functioning in my solution. Many thanks

mattparsons

thanks for your time and effort, i have one question, at time 1:17:30, the comparison should be reversed, expiryDate its expected to be bigger than now time, it means that we are still under the maximum time allowed, like in the 2nd expiry date comparison.

RobertoGaxiola

Apologies for being pedantic, but that first check on your jwt expiry, if we know that the frontend has gone for a refresh of tokens, it is already knows the jwt has expired, why check it again? If anything, if there is a call to refresh tokens, and the jwt expiry is greater than the UtcNow, possibly return it with "Refresh not required"

haydenfisher

Thank you very much
I have a question: What I we user JWT for refresh tokens as well? so the client can check the expiration date and logout the user automatically.

tahateber

Thanks, When I have to revoke to token?
What are the use cases?

ahmadalzoubi

hey mohammad,
plz, could u write a tokenvalidateparams
when we use it in validate token?
isnt work if validateliftime is true
and clockskrew is zero
thanks ❤

ayhamalama

Tutorial on oatuh2 and how to add roles would be great!

modestasvac

Can you please tell me where to call RefreshToken Method in the client-side-code.

katrykonig

Jesus Christ, I feel italian watching this.

eduardrivas

33:51 you use options pattern in line 21 but in the next line you access secret value directly using configure.configuration.section, then you're not using JwtConfig at all, that makes no sense, and you do the same thing in the controller, why you declare options pattern if you are not using jwtconfig class. if you use ValidateToken

method, you don't have to check whether token is expire or not, validatetoken throw a securetokenexpiredexception, you are reinventing the wheel. You have a bug, you are not using resfreshtoken login well, because you check if token have expired and return response inmediatly, you don return a new token taking refreshtoken in consideration

haroldpepete

Thx for the instructive video which explains a lot.
The part i did not understand is when are we checking the refresh token that is created on login on requests? is it going to be handled by frontend?
Also is there gona be a video about roles?

furkankoc

Awesome content man..
just a request tho.. please edit your videos.. there are mistakes of fixing stuff that can be removed and it makes the video a lot less shorter..

idkanymoreman

Thank you very much for this video. You made things that I find extremely difficult a lot more clear. One thing that I feel is missing from this video is what to do with the tokens in the database. The database will fill up quickly with tokens and there must be a process that cleans up expired tokens from the database. How would you implement this efficiently?

dennisvandermeer

Thank you for a very well rounded tutorial. Could you provide me with a link to the github repo, having trouble finding it

haydenfisher

can't view ng source code for this tutorial please help

kimrobertrozen

Continue posting PlayList Health Track Management

sunilr

What is OAUTH 2.0 Explained in detail - Session 2 - || Interview related discussions.

ShilpeePandey-bfmo