JWT and security approach


#1

Hello,

Thank you for this course, it’s very interesting.

I wanted to know how it’s done creating and refreshing the token (jwt) from the front.
Can you tell me the stack of calls from the front?

Will you approach the subject of security in a future episode?

Thank you.


#2

I’m not sure what u mean by “from the front”. If you mean API for calling from frontend application then you can look at MVC controllers:

FYI the host part for local development is http://localhost:5002.
First allows you to sign-up, sign-in, chnage password and get basic data about your identity.
Second allows you to refresh or revoke your access token using refresh token. Both tokens are returned after signing in:

jwt

Speaking of security episode we haven’t discussed it yet with Piotr so I’ll let you know as soon as we will do it :wink:


#3

Thank you for reply.