JSON Web Token
calculator212, 2021-08-02 17:24:48

Implementing JWT Authentication?

I'm trying to implement JWT authentication and I have a few questions. To log out, you need to create a blacklist of invalid refresh tokens. Do I understand correctly that, in theory, you will also need to store a list of revoked access tokens while they are still valid, because to ensure instant logout on all devices it will be necessary to deny access to them as well? Am I correct or not?


1 answer(s)
Ilya, 2021-08-02
@calculator212

You just came up with a reference token. Better to implement it right away, because in the implementation you provided, JWT is more harmful than useful.
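Added example, not part of the original question or answer: a minimal HS256 token with the revocation list the question describes, showing that instant logout forces a server-side lookup on every request, which is the reference-token behaviour the answer points to. The function names, the in-memory dictionaries and the demo key are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets

KEY = secrets.token_bytes(32)      # constructed demo signing key
revoked_jti = {}                   # jti -> exp: single revoked access tokens
not_before = {}                    # sub -> time: "log out on all devices"

def _b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    return _b64(hmac.new(KEY, signing_input.encode(), hashlib.sha256).digest())

def issue(sub, now, ttl=300):
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": sub, "iat": now, "exp": now + ttl, "jti": secrets.token_hex(8)}
    body = header + "." + _b64(json.dumps(claims).encode())
    return body + "." + _sign(body)

def verify(token, now):
    """Return the claims, or None if the token is forged, expired or revoked."""
    try:
        header, payload, sig = token.split(".")
        # The algorithm is fixed server-side; the header's "alg" is never trusted.
        if not hmac.compare_digest(sig, _sign(header + "." + payload)):
            return None
        claims = json.loads(_unb64(payload))
    except (ValueError, TypeError):
        return None
    if now >= claims["exp"]:
        return None
    # Server-side state consulted on every request: with this lookup the
    # token is no longer self-contained and behaves like a reference token.
    if claims["jti"] in revoked_jti or claims["iat"] < not_before.get(claims["sub"], 0):
        return None
    return claims

def revoke(claims):
    revoked_jti[claims["jti"]] = claims["exp"]   # keep only until natural expiry

def logout_everywhere(sub, now):
    not_before[sub] = now                        # rejects tokens issued earlier

def purge(now):
    """Drop entries whose tokens would have expired anyway."""
    for jti in [j for j, exp in revoked_jti.items() if exp <= now]:
        del revoked_jti[jti]
```

The revocation state only has to live as long as the access token's lifetime, so a short `ttl` keeps the list small.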
