How to use a JWT Refresh Token to generate a new Access Token

I'm assuming that you have your own back-end to handle the refresh token process. Please tell me if this is not the case.

What I did for this process was to move all decoding and encoding to the back-end. But you have to make sure that you store the latest active refresh token in the back-end. Otherwise, someone could reuse an old token to create an access token.

  1. In the front-end, store the expiry date. Then, every time you make a request to the back-end, check that the expiry date has not been exceeded (you probably want to take into account the delay of the request, e.g. 5 seconds before expiry). If it's expired, fire the refresh-token method.
  2. Create a refresh token endpoint in the back-end and send both the access-token and the refresh-token to it.
  3. Decode the access-token and get your necessary data. Ignore expiry date in this decode function.
  4. Compare refresh-token with the latest refresh-token in the db. If it doesn't match, the user is not authorized. Otherwise, continue.
  5. Now if you want to reuse the old data, you don't need to query your database and just re-encode the access-token content to a new token. Otherwise, do your query and rebuild the access-token.

Hope this helps
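As an added example (not code from the original answer), here is a minimal Python sketch of the back-end side of steps 2 to 5: the access token is decoded with the expiry check skipped, the presented refresh token is compared against the latest one stored server-side, and a new pair is issued. HS256 signing is done by hand with the standard library so it runs without PyJWT; the secret, the in-memory store and the user id are constructed values.

```python
import base64, hashlib, hmac, json, secrets

SECRET = b"constructed-demo-secret"  # constructed; load from config in a real deployment
ACCESS_TTL = 300  # access-token lifetime in seconds

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def encode(claims: dict, ttl: int, now: float) -> str:
    """Build an HS256 JWT whose 'exp' is now + ttl."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps({**claims, "exp": int(now) + ttl}).encode())
    sig = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(sig)}"

def decode(token: str, now: float, verify_exp: bool = True) -> dict:
    """Always verify the signature; skip only the expiry check when asked (step 3)."""
    header, body, sig = token.split(".")
    expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64(sig)):
        raise PermissionError("bad signature")
    claims = json.loads(_unb64(body))
    if verify_exp and claims["exp"] <= now:
        raise PermissionError("access token expired")
    return claims

# Constructed server-side store: user id -> latest active refresh token (step 4).
REFRESH_STORE: dict = {}

def login(user_id: str, now: float) -> tuple:
    """Issue the initial access/refresh pair and remember the refresh token."""
    refresh_token = secrets.token_urlsafe(32)
    REFRESH_STORE[user_id] = refresh_token
    return encode({"sub": user_id}, ACCESS_TTL, now), refresh_token

def refresh(access_token: str, refresh_token: str, now: float) -> tuple:
    """Refresh endpoint: steps 3-5 of the answer, plus refresh-token rotation."""
    claims = decode(access_token, now, verify_exp=False)  # step 3: ignore exp
    latest = REFRESH_STORE.get(claims["sub"])
    if latest is None or not hmac.compare_digest(latest, refresh_token):
        raise PermissionError("refresh token is not the latest one")  # step 4
    new_refresh = secrets.token_urlsafe(32)
    REFRESH_STORE[claims["sub"]] = new_refresh  # rotate: the old token is now dead
    claims.pop("exp")  # step 5: reuse the old claims, only the expiry changes
    return encode(claims, ACCESS_TTL, now), new_refresh
```

Because the store only ever holds the most recent refresh token, a replay of an earlier one fails the comparison in step 4 even though its matching access token still carries a valid signature.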