#refresh token - rate limiting and auto sign in.

sand jetty
Hey,

I was playing around with Payload! I have some inquiries.

1: refresh token:

Does Payload provide a way to generate a refresh token? (I mean a long-lived token that can be used for new access tokens and also for frontend user persistence! Also, refresh token rotation would be great!)

2: endpoint-based rate limit:

Is there a way to use a built-in rate limit for specific endpoints? (looking to build an OTP login)

Or do I have to implement my own with something like Upstash?

3: auto-sign in:

As for the second point, I want to build a mobile-only login.

So I know I need to make a custom endpoint that handles all the logic, but can I then log in the user with just the ID, or the email? Or do I need to generate my own JWT and send it to the user using the Payload prefix secret key and res.cookie?

Thank you!

radiant galleon BOT
sand jetty
2 - For the second point, I think I can pass the skip prop and handle only matching endpoints!