NestJSframework~10 mins

Refresh token pattern in NestJS - Step-by-Step Execution

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Concept Flow - Refresh token pattern

User logs in

↓

Server issues Access Token + Refresh Token

↓

User uses Access Token to access resources

↓

Access Token expires?

No→Continue using Access Token

Yes↓

User sends Refresh Token to server

↓

Server verifies Refresh Token

↓

Refresh Token valid?

No→Reject request, ask login

Yes↓

Server issues new Access Token (and optionally new Refresh Token)

↓

User continues with new Access Token

This flow shows how a user logs in, gets tokens, uses access token until it expires, then uses refresh token to get a new access token without logging in again.

Execution Sample

NestJS

async refreshToken(oldRefreshToken: string) {
  const user = await this.jwtService.verifyAsync(oldRefreshToken);
  if (!user) throw new UnauthorizedException();
  return this.jwtService.sign({ id: user.id });
}

This function verifies the refresh token and returns a new access token if valid.

Execution Table

Step	Action	Input	Check/Condition	Result/Output
1	User logs in	username/password	Credentials valid?	Issue Access Token + Refresh Token
2	User accesses resource	Access Token	Access Token valid?	Allow access
3	Access Token expires	Access Token expired	Expired?	User must refresh token
4	User sends Refresh Token	Refresh Token	Verify Refresh Token	Valid or Invalid
5	Refresh Token valid	Valid Refresh Token	Is token valid?	Issue new Access Token
6	Refresh Token invalid	Invalid Refresh Token	Is token valid?	Reject request, ask login

💡 Process stops when refresh token is invalid or user logs out.

Variable Tracker

Variable	Start	After Step 1	After Step 4	After Step 5	Final
accessToken	null	issued	expired	new token issued	valid
refreshToken	null	issued	sent by user	verified	valid or invalid
user	null	authenticated	extracted from token	confirmed	authenticated or rejected

Key Moments - 3 Insights

Why do we need both access and refresh tokens?

What happens if the refresh token is invalid or expired?

Can the refresh token be used to access resources directly?

Visual Quiz - 3 Questions

Test your understanding

Look at the execution_table, at which step does the server verify the refresh token?

AStep 2

BStep 1

CStep 4

DStep 6

Concept Snapshot

Refresh Token Pattern in NestJS:
- User logs in, gets Access + Refresh Tokens
- Access Token used for resource access
- When Access Token expires, send Refresh Token
- Server verifies Refresh Token
- If valid, server issues new Access Token
- If invalid, user must log in again
- Keeps user logged in securely without frequent logins

Full Transcript

The refresh token pattern helps keep users logged in securely. When a user logs in, the server gives two tokens: an access token and a refresh token. The access token is used to access protected resources but expires quickly for safety. When it expires, the user sends the refresh token to get a new access token without logging in again. The server checks if the refresh token is valid. If yes, it sends a new access token. If not, the user must log in again. This process balances security and convenience.