Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Islam Dortkuliev2019-05-01 10:46:13
JSON Web Token
Islam Dortkuliev, 2019-05-01 10:46:13

ASP.NET Core. JWT. How to revoke a token?

Hello. I am writing an application in ASP.NET Core. Did everything as in this article: ASP.NET Core | JWT tokens .
Created a method for changing the password. Now a question. After changing the password, I need to invalidate the token. Or update it. How can i do this? Because need to log out from all devices.
I'm not very familiar with JWTs. I will be glad to hear your answers.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
P
Peter, 2019-05-01
@petermzg

1. There is no password in the token, for this reason, why update it?
2. The token contains (optionally) the jti field, which is your unique identifier for this token (JWT ID). On the server side, you can create a list of such identifiers and define actions for requests that come with a token that has a given ID. The lifetime of this list must be longer than the validity of the given token.

Similar questions
D
DUDE2021-01-20 19:04:05
Why invalid python-jose syntax? 2Reply
J
jtag2019-06-16 15:56:15
What is the correct way to follow a secure link using Json Web Token? 1Reply
N
nepster-web2017-02-10 15:08:30
How to generate a unique key for JWT if it is not recommended to store it in the database? 1Reply
R
rshruslan2019-07-27 21:21:35
How to make authorization in native PHP with Vue (SPA)? 1Reply
J
jeruthadam2019-08-09 14:31:02
How to safely use refresh token? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question