DEV Community

Discussion on: Build a Robust JWT Auth System in Node.js: Access and Refresh Token Strategy

Collapse
 
smitterhane profile image
Smitter

Thanks for pointing out, actually in early stage of the source code, access token was being saved to the database on user sign up. And authentication middleware will test for a match between the access token in the request header versus the one in the DB.
The problem with this method is that it beats the logic of stateless authenication where there should be no DB lookups in the authentication middleware. So I changed the source code to depict pure stateless authentication and forgot to change some parts of the article like you have mentioned.

I shall update the article to 100% confer with what the source code in github is doing; answering "the why" and "how".

Collapse
 
harsh9o9 profile image
Harsh Bhardwaj

Could you kindly verify if the article is current? I've noticed some inconsistencies between the code mentioned and the code available in the associated GitHub repository.

Thread Thread
 
smitterhane profile image
Smitter

Hi Bhardwaj, as of Aug 2024, the article is up to date and in sync with the source code in github repo. Apologies for inconsistencies(that are now fixed)