NestJS Refresh Token: Step By Step Guide With Passport.JS

This video is about adding a refresh token feature to a NestJS project. It starts with explaining the difference between access tokens and refresh tokens. Then, it shows how to create a refresh token and send it back to the client along with the access token. The video also covers how to create a refresh token API and a refresh token strategy. Finally, it demonstrates how to use the refresh token to get a new access token. Here are some key points from the video:

Difference between access tokens and refresh tokens: Access tokens are short-lived JWTs used to access protected resources, while refresh tokens are long-lived JWTs used to obtain new access tokens.
Creating a refresh token: The video shows how to create a refresh token with a different secret key and expiration time than the access token.
Refresh token API: The video creates a refresh token API that uses a refresh token strategy to validate the refresh token and create a new access token.
Refresh token strategy: The video creates a refresh token strategy that extracts the refresh token from the request header, validates it, and returns the user ID.
Testing the refresh token: The video demonstrates how to use the refresh token to get a new access token and use it to access a protected resource.


Chapters:
0:00 Intro
0:15 What Is Refresh Token
2:48 Creating Refresh Token
3:42 Refresh JWT Configs
9:50 Refresh Token Strategy
12:50 Refresh Auth Guard
13:37 Refresh Token API
15:35 Testing

#nestjs #authenticationtoken #refreshtoken