Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
calculator2122021-08-02 17:24:48
JSON Web Token
calculator212, 2021-08-02 17:24:48

Implementing JWT Authentication?

I'm trying to implement JWT authentication and I have a few questions. To delog, you need to create a blacklist with a list of non-valid refresh tokens, do I understand correctly that, in theory, you will also need to store a list of revoked access tokens, while they are valid, tk. to ensure instant logout on all devices, will it be necessary to deny access to them as well? Am I correct or not?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
Ilya, 2021-08-02
@calculator212

You just came up with a reference token. Better implement it right away. Because in the implementation you provided, jwt is more harmful than useful.

Similar questions
M
MalikDeveloper20772020-08-29 18:32:23
DRF Simple JWT. How to add access and refresh token EXPIRE TIME to response data? 1Reply
F
FulgerX20072020-09-09 10:59:59
How to validate a JWT token using JWK keys? 5Reply
I
Ibishka2020-09-18 13:24:40
What secret key to use in JWT? 3Reply
I
Ibishka2020-09-22 11:15:36
Where to store React js + Rest api php tokens? 2Reply
A
Abdumalik09992018-12-10 09:13:40
Adding a new subject to a JWT? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question