LOADING…
0%
Complete changelog

Commit

Implement secure refresh token authentication system

Commit details

Commit notes

- Upgraded the authentication system to a dual token mechanism, introducing short-lived access tokens and long-lived refresh tokens stored in httpOnly cookies for enhanced security. - Added a new `RefreshToken` model to the database to manage refresh tokens, supporting token revocation and rotation. - Implemented new API endpoints for refreshing access tokens and updated existing authentication routes to accommodate the new token structure. - Enhanced frontend components to automatically manage token storage and retrieval, eliminating manual token handling for a cleaner codebase. - Updated environment variables and migration notes to reflect changes in token configuration and security practices. - Ensured backward compatibility for existing users during the transition to the new authentication system.

Files changed
18
Lines added
+914
Lines removed
−399
This page is a permanent record of commit 5c25c6b0.