Next.Js with ASP.NET Web-Api. How to handle Bearer Token Authentication.
Answered
Rex posted this in #help-forum
RexOP
Hey im building a Next.js app with a .net web api as its backend, its just a collection of web-apis which handles bunch of entity-framework logic for storing data in a sql database.
I handle the authentication to the backend via JWT Bearer Token which i create myself on the backend and pass it to the Next.js app. You retrieve the Bearer Token in the next.js app when the user authenticates via simple login register logic. But what is the approach for handling for refreshing the Bearer Token and storing it while still being able to access it both in client and server components?
I handle the authentication to the backend via JWT Bearer Token which i create myself on the backend and pass it to the Next.js app. You retrieve the Bearer Token in the next.js app when the user authenticates via simple login register logic. But what is the approach for handling for refreshing the Bearer Token and storing it while still being able to access it both in client and server components?
Answered by B33fb0n3
You keep your refreshtoken inside the cookies (readable by client & server) and your backend provides an endpoint that receives the refreshtoken and give you a new token back. That will be also either placed inside the cookies or localstorage
8 Replies
@Rex Hey im building a Next.js app with a .net web api as its backend, its just a collection of web-apis which handles bunch of entity-framework logic for storing data in a sql database.
I handle the authentication to the backend via JWT Bearer Token which i create myself on the backend and pass it to the Next.js app. You retrieve the Bearer Token in the next.js app when the user authenticates via simple login register logic. But what is the approach for handling for refreshing the Bearer Token and storing it while still being able to access it both in client and server components?
You keep your refreshtoken inside the cookies (readable by client & server) and your backend provides an endpoint that receives the refreshtoken and give you a new token back. That will be also either placed inside the cookies or localstorage
Answer
@Rex solved?
RexOP
Hey thanks for the answer i couldnt get to Test it Out yet i would reply at a later Point If this has been solved
@Rex Hey thanks for the answer i couldnt get to Test it Out yet i would reply at a later Point If this has been solved
yea, this thread can stay open without any activity for 2 more days. Do you think you can test it in this time?
RexOP
I will get it to it Today its a personal Side Project. So Work comes First but i probably will.
@Rex solved?
RexOP
yes it did ty very much
happy to help