Your question was "how to refresh JWT Authentication after it Expired", I was also been studying on JWT authentication this past few weeks and on how could i refresh the JWT access token upon expiration using Angularjs and Phalconphp, there are already available libraries i could use but i prefered to understand it by doing it base on the methods i have researched, so i used angular-jwt and firebase/php-jwt, here is what i have come up so far:

1. Upon login the client is given an access token and a refresh token
2. The access token should expire before the refresh token
3. Once access tokens are expired, new access token are obtained from the refresh tokens (creating an API entry to verify refresh token then provide new access tokens)
4. Refresh tokens are checked for revocation (requires database of issued refresh tokens or i use Redis to store user refresh tokens).

Regading "best and most secured way of using JWT token based authentication", some suggested me not to use Authorization headers instead use cookies as well as enable SSL.

Credits to: https://stormpath.com/blog/jwt-authentication-angularjs

I hope this helps.

For JWT authentication between angularjs and Laravel you can use Satellizer. For backend i.e Laravel implementation you can find sample code here You can use satellizer for social login or just for normal login.

You have to install jwt-auth for laravel backend JWT support. You can refer some blogs to getting started

You can use request/response interceptor in your fronend with satellizer and your own interceptor's implementation.

See more details about this here in Satellizer discussion on Github.

I was having this same problem today but I solved it now!

References:

• Interceptors in AngularJs

• Store token in local/session storage

• Token-Based Authentication for AngularJS and Laravel Apps