Hello Victor. First of all I wanted to thank you because your project have been very helpful as an example for implementing a project of my own. I have a question for you about the code tho. Why in the api in the refresh token method you just erase the refresh token and not the previous generated access token in the redis db. It seems like it will always remain an orphan access token in the redis database if you do this I think. Is there any reason for you to do that?. Thanks again.
Hi Steven. Thanks for the answer. That makes sense. I will check it out it might be something on my implementation. The other thing is I don't see in the code in the frontend where you are encripting the password with the Bcrypt. Is that missing? or am I just don't seeing it?.
Hi,
The password is encrypted on the backend.
Go to this path: infrastructure/security/password.go
The function that hashes the password is defined there.
Some comments have been hidden by the post's author - find out more
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Hello Victor. First of all I wanted to thank you because your project have been very helpful as an example for implementing a project of my own. I have a question for you about the code tho. Why in the api in the refresh token method you just erase the refresh token and not the previous generated access token in the redis db. It seems like it will always remain an orphan access token in the redis database if you do this I think. Is there any reason for you to do that?. Thanks again.
Hi Jose,
For we to ever use the Refresh Token, it means the Access Token must have expired(and Redis deletes it automatically).
Hi Steven. Thanks for the answer. That makes sense. I will check it out it might be something on my implementation. The other thing is I don't see in the code in the frontend where you are encripting the password with the Bcrypt. Is that missing? or am I just don't seeing it?.
Thank you.
Hi,
The password is encrypted on the backend.
Go to this path: infrastructure/security/password.go
The function that hashes the password is defined there.