Refresh Token Rotation and Reuse Detection in Node.js JWT Authentication

Описание к видео Refresh Token Rotation and Reuse Detection in Node.js JWT Authentication

Web Dev Roadmap for Beginners (Free!): https://bit.ly/DaveGrayWebDevRoadmap

Node.js JWT Authentication is leveled up when you add refresh token rotation and reuse detection. We'll also be adding support for multiple logins / devices to the an existing REST API in Node JS.

🚩 Subscribe ➜ https://bit.ly/3nGHmNn

🔗 Starter Source Code: https://github.com/gitdagray/mongo_as...

🔗 Completed Source Code: https://github.com/gitdagray/refresh_...

🔗 Node JS Full Course for building the REST API:    • Node.js Full Course for Beginners | C...  

🔗 React Login Authentication Series:    • React Login, Registration, and Authen...  

📬 Course Updates ➜ https://courses.davegray.codes/

Node.js JWT Authentication, Refresh Token Rotation and Reuse Detection

(00:00) Intro
(00:12) Welcome
(00:40) Refresh Token Rotation Explained
(02:26) Multiple Device / Login Support
(04:03) Refresh Token Reuse Detection
(11:08) Refresh Controller
(16:50) Logout Controller
(17:46) Auth Controller
(21:09) Verify logout deletes refresh token
(22:31) Delete an old token at login
(24:46) Identify an expired refresh token
(27:09) Confirm refresh token reuse detection
(30:59) Check multi device / login support
(32:32) Last Minute Addition: An important scenario

☕ Buy Me A Coffee: https://www.buymeacoffee.com/davegray

TLDR: Nothing in the browser is 100% completely secure. We just secure it as best we can.

Postman: https://www.postman.com/downloads/

📚 Refresh Token Rotation and Reuse Detection References:
Refresh Token Rotation at Auth0: https://auth0.com/docs/secure/tokens/...
Refresh Token Rotation (LogRocket): https://blog.logrocket.com/persistent...
Is Refresh Token Rotation Really Enough?: https://stackoverflow.com/questions/6...

📚 JWT References:
Intro to JSON Web Tokens: https://jwt.io/introduction
All You Need to Know About Storing JWT in the Frontend: https://dev.to/cotter/localstorage-vs...
NPM jsonwebtoken package: https://www.npmjs.com/package/jsonweb...
NPM cookie-parser package: https://www.npmjs.com/package/cookie-...
Deleting Cookies: http://expressjs.com/en/api.html#res....
Cross-Site Scripting (XSS): https://owasp.org/www-community/attac...
Cross-Site Request Forgery (CSRF): https://owasp.org/www-community/attac...
REST Security Cheat Sheet: https://cheatsheetseries.owasp.org/ch...

👀 Visual Studio Code: https://code.visualstudio.com/

✅ Follow Me:
Github: https://github.com/gitdagray
Twitter:   / yesdavidgray  
LinkedIn:   / davidagray  
Blog: https://yesdavidgray.com
Reddit:   / daveoneleven  


Was this Node.js JWT Auth tutorial about refresh token rotation and reuse detection helpful? If so, please share. Let me know your thoughts in the comments.

#refresh #token #rotation

Комментарии

Информация по комментариям в разработке