Refreshing an expired JWT token

Open kristof opened this issue 4 years ago • 0 comments

I was wondering if the use case of refreshing an expired JWT token is covered, and if not how you would approach solving/implementing this.

it(`should POST to /auth/refresh-token and receive 403 for having an invalid JWT`, async () => {
    const res = await request(app)
        .post('/auth/refresh-token')
        .set('Accept', 'application/json')
        .set('Authorization', `Bearer ${jwt.accessToken}123123`)
        .send({
            "refreshToken" : jwt.refreshToken
        });
    expect(res.status).to.equal(403);
});

The test above covers that there needs to be a valid access token in order to refresh. Whenever the access token is expired this use case also fails, making it impossible to refresh.

Any ideas?

kristof, Sep 30 '21 14:09
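
One way to approach the question in the issue above, as an added example that is not part of the original issue or of the expressjs-api-tutorial code: on the refresh route only, keep verifying the access token's signature but tolerate an expired `exp`, within a bounded window, and still require a matching refresh token. The HS256 handling via Node's `crypto`, the HMAC-based refresh token, and the names `issueTokens`, `verifyJwt`, `refreshStatus` and `maxStaleSec` are assumptions made for illustration.

```javascript
const crypto = require('crypto');

const hmac = (key, data) => crypto.createHmac('sha256', key).update(data).digest();
const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const safeEqual = (a, b) => a.length === b.length && crypto.timingSafeEqual(a, b);

// Constructed issuer: HS256 access token plus a refresh token bound to userId (assumed scheme).
function issueTokens(userId, secret, expSeconds) {
  const signed = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc({ userId, exp: expSeconds })}`;
  return {
    accessToken: `${signed}.${hmac(secret, signed).toString('base64url')}`,
    refreshToken: hmac(secret, `refresh:${userId}`).toString('base64url'),
  };
}

// The signature is always checked; an expired `exp` is tolerated only if allowExpired is set.
function verifyJwt(token, secret, { allowExpired = false, now = Date.now() } = {}) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [head, body, sig] = parts;
  if (!safeEqual(Buffer.from(sig, 'base64url'), hmac(secret, `${head}.${body}`))) {
    return { ok: false, reason: 'bad-signature' };
  }
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString());
    payload = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch (err) {
    return { ok: false, reason: 'malformed' };
  }
  if (header.alg !== 'HS256') return { ok: false, reason: 'bad-alg' };
  const expired = typeof payload.exp !== 'number' || payload.exp * 1000 <= now;
  if (expired && !allowExpired) return { ok: false, reason: 'expired' };
  return { ok: true, payload, expired };
}

// Status for POST /auth/refresh-token; maxStaleSec bounds how old an expired token may be.
function refreshStatus(accessToken, refreshToken, secret, now, maxStaleSec = 86400) {
  const v = verifyJwt(accessToken, secret, { allowExpired: true, now });
  if (!v.ok) return 403; // tampered or malformed tokens are still rejected
  const exp = v.payload.exp;
  if (typeof exp !== 'number' || now / 1000 - exp > maxStaleSec) return 403;
  const expected = hmac(secret, `refresh:${v.payload.userId}`);
  return safeEqual(Buffer.from(String(refreshToken), 'base64url'), expected) ? 200 : 403;
}
```

The tampered-token case from the test in the issue still returns 403 here, because only the expiry check is relaxed. A stateless refresh token like this one cannot be revoked, so a production service would store refresh tokens server-side and rotate them on use.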