I've been trying to solve this for over a week now. I had to scroll all the way down to find this gem. You're a great teacher man. Note: Always scroll down on UA-cam for quality and straight to the point video.
This is the simplest explanation and implementation of refresh token I've seen on UA-cam. Every other ones are just overly vague and complex. Thank you and you earned a new subscriber.
Hi. I'm working on a real project, and I'm having this situation. I found your approach by accident. Although it has few views, the quality is much better than the videos I found. I want to say thank you very much. Very good and realistic video :3
If you're navigating unauthorized routes for that 30s then want to navigate to the authorized route the access token expires. Then the axios interceptor calls the /refresh route, but the /user endpoint fails again. This does not seem like a good user experience. You have to navigate away from the authorized route then back again to see the UI or the user name. Is this just how the updating with the Authorization header works? its not asynchronous on the frontend. I checked the code on github and its doing the same thing.
How are you receiving and storing the cookie on the browser when the server and client are on different domains? I have been battling with this for days. I have read more articles, chat GPT, stack overflow etc in 5 days than I have in an entire year. The cookie is sent from the server but the browsers doesn't store it because if from a separate domain so please HOW 😢
when I use WithCredentials in axios call I got this error: Access to XMLHttpRequest at '****************************' from origin 'localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
I've been trying to solve this for over a week now.
I had to scroll all the way down to find this gem.
You're a great teacher man.
Note: Always scroll down on UA-cam for quality and straight to the point video.
This is the simplest explanation and implementation of refresh token I've seen on UA-cam. Every other ones are just overly vague and complex. Thank you and you earned a new subscriber.
Hi. I'm working on a real project, and I'm having this situation. I found your approach by accident. Although it has few views, the quality is much better than the videos I found. I want to say thank you very much. Very good and realistic video :3
Finally someone who knows how to make a video that really explains, you are the king bro👑👑👑
this was the clearest explanation of the videos i have watched. thank you so much bro
Best video I have been searching for this all day. Thank you
Wanted to tell you that you made my life easy after this.😌
Thank you so much! All other implementations I found were too vague
Good one....
Please can you share the link for the back end?
Hi , thank you for the tuto , 29:02 Can you give us the code for the ' refresh' endpoint in laravel plizzz ?
Thank you very much!! subscribed!!!
This save my life.. lol
Thank you very much for this video
Thank you very much,
How to proceed if I store the refresh token in the database ?
I love this. keep it on
If you're navigating unauthorized routes for that 30s then want to navigate to the authorized route the access token expires. Then the axios interceptor calls the /refresh route, but the /user endpoint fails again. This does not seem like a good user experience. You have to navigate away from the authorized route then back again to see the UI or the user name. Is this just how the updating with the Authorization header works? its not asynchronous on the frontend. I checked the code on github and its doing the same thing.
מלך 👑
I think I missed the backend part.
can anyone pinpoint it to me?
I want to see if it is similar to mine.
Is that safe way to save tokens, can attacers(XSS, CSRF) easly attack or it's secure in some way?
thanks a lot!
How are you receiving and storing the cookie on the browser when the server and client are on different domains?
I have been battling with this for days. I have read more articles, chat GPT, stack overflow etc in 5 days than I have in an entire year. The cookie is sent from the server but the browsers doesn't store it because if from a separate domain so please HOW 😢
You may have already solved it but I had the same issue.
I added these two extra options to the cookie: sameSite: "none", secure: true,
very good bro
the cookie is set on the postman and but isn't being set on the browser while using react . What might be the problem?
Did you solve this problem? I have been having this issue for almost a week* server sends, browser ignores
@@desmondodion9046 sent it as a response
@@desmondodion9046 if it is in production the host name must be same in order to obtain the cookies
@@desmondodion9046 did you solve that problam please
Хороший ролик, спасибо
hi where you have written server code
haha how i love your accent so cute
Hi,Where can i find the server side code?
With mysql ???
what if i refresh the page, will that token be removed?
The refresh token will not be removed as it is stored as cookie.
Are you king ?
Awesome ++++++++++++++++++++++++++
with django
Next week probably
when I use WithCredentials in axios call I got this error:
Access to XMLHttpRequest at '****************************' from origin 'localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
use cors from server man its worked for me