Flow design for access and refresh tokens (JWT)
Let's build a low-level design for the same.
Log the user in with their credentials and validate them after…
Once the tokens are stored on both sides, server and client, authenticate the user with those tokens whenever the user tries to access a page.
First validate the access token. If the access token has expired, validate the refresh token in order to generate a new access token and a new refresh token.
If the refresh token has also expired, redirect the user to the login route. After the credentials are validated successfully, generate a new access token and refresh token and repeat the same cycle.
Note: every time we generate new tokens, we generate both a new access token and a new refresh token.
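
The cycle described above, as an added example that is not part of the original post, written with only the Python standard library. The HS256 key, the lifetimes, the function names and the choice to keep only the current refresh token id on the server (so a replaced refresh token stops working) are assumptions.

```python
import base64, hashlib, hmac, json, secrets

SECRET = b"constructed-demo-key"      # assumption: HS256 with a server-side key
ACCESS_TTL, REFRESH_TTL = 300, 86400  # assumption: lifetimes in seconds
server_refresh = {}                   # server-side copy: user -> current refresh token id

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _sign(claims):
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    mac = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(mac)}"

def _verify(token, kind, now):
    """Return the claims if signature, type and expiry all check out, else None."""
    try:
        head, body, sig = token.split(".")
        mac = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(_b64(mac), sig):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    except (AttributeError, TypeError, ValueError):
        return None                   # missing, malformed or non-ASCII token
    return claims if claims.get("typ") == kind and claims.get("exp", 0) > now else None

def issue_pair(user, now):
    """Called after a successful credential check and on every refresh."""
    jti = secrets.token_hex(16)
    server_refresh[user] = jti        # replaces, and so revokes, the previous refresh token
    access = _sign({"sub": user, "typ": "access", "exp": now + ACCESS_TTL})
    refresh = _sign({"sub": user, "typ": "refresh", "jti": jti, "exp": now + REFRESH_TTL})
    return access, refresh

def authenticate(access, refresh, now):
    """Return (decision, access, refresh); decision is 'ok', 'rotated' or 'login'."""
    if _verify(access, "access", now):
        return "ok", access, refresh
    claims = _verify(refresh, "refresh", now)
    if claims and hmac.compare_digest(server_refresh.get(claims["sub"], ""), claims["jti"]):
        return ("rotated", *issue_pair(claims["sub"], now))
    return "login", None, None
```

A "login" decision is where the caller redirects to the login route and, after the credentials check out, calls issue_pair again.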