Custom authentication logic for `/refresh` endpoint

Question

Custom authentication logic for `/refresh` endpoint

Closed this issue 4 years ago · 0 comments

Issue:

If access token expires before it's refreshed, the currently available refresh token is also useless as it can't be used to refresh the access token, because the endpoint uses the same middleware for authentication as other endpoints

Possible fix:

Writing a new middleware function specifically for this endpoint
Adding a check for the endpoint in the existing middleware