Bird
0
0

You want to implement a refresh token rotation strategy in NestJS. Which approach correctly applies this pattern?

hard📝 Application Q8 of 15
NestJS - Authentication
You want to implement a refresh token rotation strategy in NestJS. Which approach correctly applies this pattern?
AStore refresh tokens in localStorage for rotation
BReuse the same refresh token indefinitely
CIssue a new refresh token on each refresh and invalidate the old one
DDo not issue refresh tokens, only access tokens
Step-by-Step Solution
Solution:

  1. Step 1: Understand refresh token rotation

    Rotation means issuing a new refresh token each time and invalidating the old one to improve security.

  2. Step 2: Evaluate other options

    Reusing tokens is insecure; not issuing refresh tokens breaks flow; localStorage is insecure for tokens.

  3. Final Answer:

    Issue a new refresh token on each refresh and invalidate the old one -> Option C

  4. Quick Check:

    Refresh token rotation = new token each refresh [OK]
Quick Trick: Rotate refresh tokens by issuing new and invalidating old [OK]
Common Mistakes:
  • Reusing refresh tokens without rotation
  • Ignoring refresh tokens entirely
  • Storing tokens insecurely for rotation

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More NestJS Quizzes
Database with Prisma - Prisma setup in NestJS - Quiz 11easy Database with Prisma - Schema definition - Quiz 9hard Database with TypeORM - Query builder - Quiz 5medium Database with TypeORM - TypeORM module setup - Quiz 12easy Database with TypeORM - Query builder - Quiz 10hard Guards - Why guards control access - Quiz 4medium Middleware - Global middleware - Quiz 11easy Middleware - Global middleware - Quiz 2easy Pipes - Why pipes transform and validate input - Quiz 6medium Pipes - File validation pipe - Quiz 14medium