How to refresh JWT tokens in Vue

Łukasz Holeczek Łukasz Holeczek
calendar Wednesday, December 3, 2025
#vue #jwt #refresh #authentication #pinia

Refreshing JWT tokens in Vue applications ensures continuous user authentication without forcing re-login when access tokens expire. As the creator of CoreUI with extensive Vue development experience since 2014, I’ve implemented token refresh systems in numerous production applications for seamless user experience. The most reliable approach uses axios interceptors to automatically refresh expired tokens and retry failed requests. This pattern provides transparent authentication management while maintaining security through short-lived access tokens.

Use axios interceptors with Pinia store to automatically refresh JWT tokens when they expire.

// stores/auth.js
import { defineStore } from 'pinia'
import axios from 'axios'

export const useAuthStore = defineStore('auth', {
  state: () => ({
    accessToken: null,
    refreshToken: localStorage.getItem('refreshToken'),
    user: null
  }),

  actions: {
    async refreshAccessToken() {
      try {
        const response = await axios.post('/api/auth/refresh', {
          refreshToken: this.refreshToken
        })

        this.accessToken = response.data.accessToken

        if (response.data.refreshToken) {
          this.refreshToken = response.data.refreshToken
          localStorage.setItem('refreshToken', response.data.refreshToken)
        }

        return response.data.accessToken
      } catch (error) {
        this.logout()
        throw error
      }
    },

    logout() {
      this.accessToken = null
      this.refreshToken = null
      this.user = null
      localStorage.removeItem('refreshToken')
    }
  }
})

// axios-interceptor.js
import axios from 'axios'
import { useAuthStore } from '@/stores/auth'

let isRefreshing = false
let failedQueue = []

axios.interceptors.response.use(
  response => response,
  async error => {
    const authStore = useAuthStore()

    if (error.response?.status === 401 && authStore.refreshToken) {
      if (!isRefreshing) {
        isRefreshing = true

        try {
          const newToken = await authStore.refreshAccessToken()

          // Retry all failed requests
          failedQueue.forEach(({ resolve, config }) => {
            config.headers.Authorization = `Bearer ${newToken}`
            resolve(axios(config))
          })
          failedQueue = []

          // Retry original request
          error.config.headers.Authorization = `Bearer ${newToken}`
          return axios(error.config)
        } catch (refreshError) {
          failedQueue = []
          return Promise.reject(refreshError)
        } finally {
          isRefreshing = false
        }
      } else {
        // Queue failed requests while refreshing
        return new Promise(resolve => {
          failedQueue.push({ resolve, config: error.config })
        })
      }
    }

    return Promise.reject(error)
  }
)

This code implements automatic token refresh using axios interceptors that detect 401 responses and attempt to refresh the access token. When multiple requests fail simultaneously, they’re queued and retried after successful token refresh. The Pinia store manages token state and provides centralized refresh logic with proper error handling.

Best Practice Note:

This is the token refresh architecture we use in CoreUI Vue enterprise applications for secure, uninterrupted user sessions. Always implement proper queue management to prevent multiple concurrent refresh attempts and ensure failed requests are retried correctly.

Speed up your responsive apps and websites with fully-featured, ready-to-use open-source admin panel templates—free to use and built for efficiency.

Free Angular Admin Template
Angular
Free Bootstrap Admin Template
Bootstrap
Free React.js Admin Template
React Logo
React.js
Free Vue.js Admin Template
Vue.js

About the Author

Łukasz Holeczek

Łukasz Holeczek, Founder of CoreUI, is a seasoned Fullstack Developer and entrepreneur with over 25 years of experience. As the lead developer for all JavaScript, React.js, and Vue.js products at CoreUI, they specialize in creating open-source solutions that empower developers to build better and more accessible user interfaces.

With expertise in TypeScript, JavaScript, Node.js, and modern frameworks like React.js, Vue.js, and Next.js, Łukasz combines technical mastery with a passion for UI/UX design and accessibility. CoreUI’s mission is to provide developers with tools that enhance productivity while adhering to accessibility standards.

Łukasz shares its extensive knowledge through a blog with technical software development articles. It also advises enterprise companies on building solutions from A to Z. Through CoreUI, it offers professional services, technical support, and open-core products that help developers and businesses achieve their goals.

Learn more about CoreUI’s solutions and see how your business can benefit from working with us.
Subscribe to our newsletter
Get early information about new products, product updates and blog posts.
What is the difference between sort and toSorted in JavaScript?
What is the difference between sort and toSorted in JavaScript?
calendar Tuesday, September 16, 2025
Mastering Inline Styles in React.js: Enhancing Your Components with Style
Mastering Inline Styles in React.js: Enhancing Your Components with Style
calendar Tuesday, January 30, 2024
What is the Difference Between Null and Undefined in JavaScript
What is the Difference Between Null and Undefined in JavaScript
calendar Sunday, February 9, 2025
How to Detect a Click Outside of a React Component
How to Detect a Click Outside of a React Component
calendar Friday, May 31, 2024

Answers by CoreUI Core Team

How to add a class to an element in JavaScript
How to use OAuth in Node.js
How to check if a string ends with another string in JavaScript
How to store JWT in Vue securely
How to use ngAfterViewInit in Angular
How to use react-transition-group for animations