local login
Email, password + Server post request
social login
local login
social login
3) Client
Header : AccessToken
Cookie : httpOnly , RefreshToken
( React ) useEffect > Req with refreshToken to Server to return 'accessToken
const refreshToken = () => {
req(refresh_Token)
.then(( { refresh_Token : { user, access_Token, expires_in } }) => {
client.setHeader('authorization' , 'Bearer ${token}' )
setTimeOut(() => {
refreshToken()
}, ( expires_in * 1000 ) - 500 )
})
.catch(console.log)
}
4) Server
ex) '/api/silent-auth'
with 'refreshToken' from Client > get 'accessToken' from 'refreshToken'
before 'accessToken being expired', repeat above process