i using jwt, without refresh token. planning use it, have better user experience without having constant login after token expire.
my question :
- do need store refresh token in database , assign user?
- do user need provide username/password when using refresh token?
- why use refresh token, since can have longer period of expiry token?
Comments
Post a Comment