Hot Chocolate GraphQL Custom Authentication Series Using Pure Code First Technique - Part4 - Refresh Token
Part3 we had enabled the JWT token validation and discussed different authorization techniques as well. In this article, we will understand Refresh Token creation and its usage. When To Use Refresh Token: A refresh token is a unique random encrypted string. On the expiration of the JWT auth access token, instead of showing a login page to the user, we can make the user authenticated immediately using the refresh token. By using refresh token we can fetch new user access tokens from the server without any user credentials. Generate Refresh Token: In 'AuthLogic.cs' file add a new private method like 'GenerateRefreshToken()'. Logics/AuthLogics.cs: private string GenerateRefreshToken() { var randomNumber = new byte[32]; using (var generator = RandomNumberGenerator.Create()) { generator.GetBytes(randomNumber); return Convert.ToBase64String(randomNumber); } } Here using 'System.Security.Cryptography.RandomNumberGenerator' generated refresh token of leng