Short living jwt token and one-time jwt refresh token will add protection from token stealing. If someone steals an access token - in works for a short time, if someone steals a refresh token, it would log out the current user because his refresh token is no longer valid. When the user logs in again it invalidates the refresh token of the attacker.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.