Course Hive
Search

Welcome

Sign in or create your account

Continue with Google
or
Refresh Token Rotation and Reuse Detection in Node.js JWT Authentication
Play lesson

Node.js Tutorials for Beginners - Refresh Token Rotation and Reuse Detection in Node.js JWT Authentication

4.0 (3)
30 learners

What you'll learn

This course includes

  • 15 hours of video
  • Certificate of completion
  • Access on mobile and TV

Summary

Keywords

Full Transcript

Web Dev Roadmap for Beginners (Free!): https://bit.ly/DaveGrayWebDevRoadmap Node.js JWT Authentication is leveled up when you add refresh token rotation and reuse detection. We'll also be adding support for multiple logins / devices to the an existing REST API in Node JS. 🚩 Subscribe ➜ https://bit.ly/3nGHmNn 🔗 Starter Source Code: https://github.com/gitdagray/mongo_async_crud 🔗 Completed Source Code: https://github.com/gitdagray/refresh_token_rotation 🔗 Node JS Full Course for building the REST API: https://youtu.be/f2EqECiTBL8 🔗 React Login Authentication Series: https://www.youtube.com/playlist?list=PL0Zuz27SZ-6PRCpm9clX0WiBEMB70FWwd 📬 Course Updates ➜ https://courses.davegray.codes/ Node.js JWT Authentication, Refresh Token Rotation and Reuse Detection (00:00) Intro (00:12) Welcome (00:40) Refresh Token Rotation Explained (02:26) Multiple Device / Login Support (04:03) Refresh Token Reuse Detection (11:08) Refresh Controller (16:50) Logout Controller (17:46) Auth Controller (21:09) Verify logout deletes refresh token (22:31) Delete an old token at login (24:46) Identify an expired refresh token (27:09) Confirm refresh token reuse detection (30:59) Check multi device / login support (32:32) Last Minute Addition: An important scenario ☕ Buy Me A Coffee: https://www.buymeacoffee.com/davegray TLDR: Nothing in the browser is 100% completely secure. We just secure it as best we can. Postman: https://www.postman.com/downloads/ 📚 Refresh Token Rotation and Reuse Detection References: Refresh Token Rotation at Auth0: https://auth0.com/docs/secure/tokens/refresh-tokens/refresh-token-rotation Refresh Token Rotation (LogRocket): https://blog.logrocket.com/persistent-login-in-react-using-refresh-token-rotation/ Is Refresh Token Rotation Really Enough?: https://stackoverflow.com/questions/64708231/refresh-token-rotation-is-it-really-enough 📚 JWT References: Intro to JSON Web Tokens: https://jwt.io/introduction All You Need to Know About Storing JWT in the Frontend: https://dev.to/cotter/localstorage-vs-cookies-all-you-need-to-know-about-storing-jwt-tokens-securely-in-the-front-end-15id NPM jsonwebtoken package: https://www.npmjs.com/package/jsonwebtoken NPM cookie-parser package: https://www.npmjs.com/package/cookie-parser Deleting Cookies: http://expressjs.com/en/api.html#res.clearCookie Cross-Site Scripting (XSS): https://owasp.org/www-community/attacks/xss/ Cross-Site Request Forgery (CSRF): https://owasp.org/www-community/attacks/csrf REST Security Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html 👀 Visual Studio Code: https://code.visualstudio.com/ ✅ Follow Me: Github: https://github.com/gitdagray Twitter: https://twitter.com/yesdavidgray LinkedIn: https://www.linkedin.com/in/davidagray/ Blog: https://yesdavidgray.com Reddit: https://www.reddit.com/user/DaveOnEleven Was this Node.js JWT Auth tutorial about refresh token rotation and reuse detection helpful? If so, please share. Let me know your thoughts in the comments. #refresh #token #rotation

Course Hive

Continue this lesson in the app

Install CourseHive on Android or iOS to keep learning while you move.

Related Courses

FAQs

Course Hive
Download CourseHive
Keep learning anywhere