Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
AspMaster2019-07-03 21:52:33
ASP.NET
AspMaster, 2019-07-03 21:52:33

How to recognize refresh token in asp.net core?

For authorization I use a pair of access token and refresh. There is such a situation that instead of access, the user can send a refresh token in normal calls to the API, which is dangerous, since the life of the refresh token is much longer. How not to skip the refresh token in regular methods? There was an idea to push into the payload whether it is a refresh or not, but there must be a better way?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
V
Vyacheslav Zolotov, 2019-07-03
@SZolotov

Well, as if the access token is invalid, it should return 401 status and not let it go further

Similar questions
D
Dmitry2016-05-11 02:01:11
Moving from backend to frontend? 3Reply
A
Akimov Alexander2016-05-11 09:51:34
For what reason, the equipment through dll works in WinForm, but not in ASP.NET? 1Reply
W
wkololo_4ever2014-03-14 10:07:29
How to work with dependent tables in EF? 3Reply
A
Andrey Gubsky2014-03-14 22:44:03
How to implement a CalDAV server in C#? 1Reply
W
wutox2016-05-12 09:25:49
How to save form data on reload? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question