Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
AspMaster2019-07-03 21:52:33
ASP.NET
AspMaster, 2019-07-03 21:52:33

How to recognize refresh token in asp.net core?

For authorization I use a pair of access token and refresh. There is such a situation that instead of access, the user can send a refresh token in normal calls to the API, which is dangerous, since the life of the refresh token is much longer. How not to skip the refresh token in regular methods? There was an idea to push into the payload whether it is a refresh or not, but there must be a better way?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vyacheslav Zolotov, 2019-07-03
@SZolotov

Well, as if the access token is invalid, it should return 401 status and not let it go further

Similar questions
A
Andrew2015-08-17 07:51:42
How do I remove the Windows 10 install notification? 3Reply
A
Andrew2021-02-21 00:08:00
ASP.NET multithreading question - how do blocked threads work? 1Reply
A
Andrey Mokeev2017-02-19 22:43:00
ASP .NET Core: Routing. How to make multiple categories at the beginning of a URL? 1Reply
A
Antoxa Zimm2015-02-19 12:46:40
Error compiling gated checkin ASP.NET vNext application, what is Microsoft.Web.AspNet.Props? 1Reply
A
agoge2015-02-23 11:33:37
Why is the GetEnumerator() method of the IEnumerable interface implemented twice? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question