search

VanshKing30 / FoodiesWeb

GssoC'24 Project | Open To Contributers
https://foodies-web-app.vercel.app
MIT License
61 stars 155 forks source link

Feat:Access Token & Refresh Token #401

Open Vinaysohaliya opened 4 months ago

Vinaysohaliya commented 4 months ago

Describe the feature

i want to add Access Token & Refresh Token for seamless auth in website hear is benefit for adding it , -> Improved Security: Access tokens and refresh tokens help in maintaining secure communication between the client and server by ensuring that only authenticated users can access protected resources. This reduces the risk of unauthorized access. -> Seamless User Experience: By using tokens, you can implement automatic token refreshing without requiring users to log in repeatedly. This creates a more seamless and user-friendly experience.

Add ScreenShots

Screenshot 2024-07-01 220445

Record

hustlerZzZ commented 4 months ago

Do you mean storing JWT token in the DB ?

priyankMS commented 4 months ago

i want to work on that please assing me

hustlerZzZ commented 4 months ago

i want to work on that please assing me

can you explain how you will work on this?

priyankMS commented 4 months ago

Create both Access Token and Refresh Token upon successful user authentication. Store tokens securely in client-side (browser) and server-side sessions. Implement automatic token refreshing using the Refresh Token to maintain user sessions. Ensure all token exchanges between client and server are encrypted (HTTPS). Provide a seamless user experience by minimizing login prompts through token-based authentication.

On Sun, 7 Jul 2024 at 08:19, Prince Pal @.***> wrote:

i want to work on that please assing me

can you explain how you will work on this?

— Reply to this email directly, view it on GitHub https://github.com/VanshKing30/FoodiesWeb/issues/401#issuecomment-2212298240, or unsubscribe https://github.com/notifications/unsubscribe-auth/AXGNL4VI37AA5NW5MXDS6Y3ZLCUDBAVCNFSM6AAAAABKF5LDLWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDEMJSGI4TQMRUGA . You are receiving this because you commented.Message ID: @.***>

Vinaysohaliya commented 4 months ago

@hustlerZzZ i save refresh Token in db and also store in cookie ot localstorage, so when user accessToken expire then i will send user to change-token route , so in that they verify refresh Token and further i will give them new accessToken

priyankMS commented 4 months ago

okay i do it

hustlerZzZ commented 3 months ago

okay i do it

Kindly proceed