I would do it slightly differently: I would send the rT in a cookie instead of sending it in the response, and in the frontend I resend this cookie on every request for protected route back to the backend and compare its value with the original rT sent upon authentication which would be stored in the db, and maybe not storing the tokens in the local storage but rather in the memory.
Ah, yes.. Great suggestion... It's never a good idea to store the tokens on frontend. But I wanted to explain only the frontend side of the authentication in a visual manner, that's why I went with it. I'll explore the full stack side of it another day in a more secure way.
I would appreciate if you could go into the backend as well 🙃. Great article!
Sure, coming soon...
Everything was explained pretty nicely. Now I have much more clarity around this topic 👍. Waiting for the backend part..
The axiosInstance.ts file no longer works with the latest React Query / Typescript (April 2023). Hopefully you can update the article. As someone who is new to React, your approach makes total sense to me, but I'm struggling to figure out how to make it work.
Hi Gabhan,
I'll be writing a series of articles on production grade authentication which is going to cover everything in depth with the latest tools and patterns, stay tuned!
nn
Hi K Srinivas Rao, can I get your email please, I need help with react query and nextjs
You can find it on my blog profile
The try-catch inside the interceptor does not catch anything, the interceptor keeps looping within itself
Hey,
I'll be writing a series of articles on production grade authentication which is going to cover everything in depth with the latest tools and patterns, stay tuned!
If possible, a version with cookies, access and refresh tokens, route protection, and TypeScript.