0

I have a get refresh token api like this http://token.net/api/auth/refresh-token . I want to use it in my login function but to be honest I don't know anything about refresh tokens. how can I implement the refresh token into this.

LoginAuth.js

export const useLogin = () => {

    const LoginAuth = async (data: AuthenticationProps) => {
        await axios.post(`client.com/auth/login`,
        {
            email: data.email,
            password: data.password,
        },
        {
            headers: {
                "Content-Type": "application/json",
                Accept: "application/json",
            }
        }
        )
        .then((res) => {
            if(res.status === 200) {
                console.log("works");
            }
        }, (err) => {
            console.log(err);
        })
        
    }
    return {
        LoginAuth,
    }
}
Elena Barden
  • 15
  • 5
  • I'd strongly recommend not implementing this yourself and instead go with something like OAuth2. This also has refresh tokens, there's lots of standard clients, servers and libraries and they will have thought of all the security issues. – Evert May 29 '22 at 15:26
  • This is how to extract token from bear token: https://stackoverflow.com/questions/50284841/how-to-extract-token-string-from-bearer-token – Andy Li Dec 15 '22 at 08:51

1 Answers1

1

Refresh token is used to generate new access token for an application. If the access token has an expiration date, once it expires, the user would have to authenticate again to obtain an access token.

Steps:

  • After successful login response, store token in localStorage.
  • Add axios response interceptor method axios.interceptors.response to call refresh_token API and update localStorage with new access_token.
  • whenever token will get expired, API call will returnINVALID_TOKEN code in response and refresh_token API will be called.

Now, further any API will be called with new refreshed token.

Savi
  • 61
  • 1
  • 3
  • thank you for your help. but I don't know how to get the token first. :l after the login I see the bareer token in the console log. but how can I get that token and save in the local storage. – Elena Barden May 29 '22 at 23:03