Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refresh Token 도입 #10

Open
1 task
bbeomgeun opened this issue Mar 6, 2022 · 0 comments
Open
1 task

Refresh Token 도입 #10

bbeomgeun opened this issue Mar 6, 2022 · 0 comments
Labels
feature 새로운 기능 개발 need study 해당 지식에 대해 공부가 필요 question Further information is requested
Milestone
6주차 개발 스프린트

Comments

@bbeomgeun
Copy link
Contributor

이슈 내용

  • 현재 acess token의 유효시간을 엄청 길게 잡아놓은 상황
  • 만약에 access token이 탈취당한다면? 해당 토큰을 이용해서 보안이 뚫릴 수 있다.

To-do

  • refresh token 도입

참고 사항

https://tansfil.tistory.com/59?category=255594

  1. access token과 refresh token을 발급
  2. 매 요청 시 access token을 통해서 데이터 요청, 응답
  3. access token이 만료됨을 서버에서 확인
  4. client는 refresh token을 전송
  5. 서버에서 refresh token을 확인 후, access token을 재발급

Q. refresh token이 탈취당하면?
@bbeomgeun bbeomgeun added feature 새로운 기능 개발 question Further information is requested labels Mar 6, 2022
@bbeomgeun bbeomgeun added this to the 6주차 개발 스프린트 milestone Mar 10, 2022
@bbeomgeun bbeomgeun added the need study 해당 지식에 대해 공부가 필요 label Apr 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature 새로운 기능 개발 need study 해당 지식에 대해 공부가 필요 question Further information is requested
Projects
None yet
Milestone
6주차 개발 스프린트
Development

No branches or pull requests
1 participant
@bbeomgeun