-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
For refresh token, or destory how about re issue token?? #390
Comments
With tokens, to login, you basically ask the server to create a token, and then you store it on the client. If the token is self-contained (as JWTs; the information about the token is stored inside the token), then you simply stop storing it on the client, and it has been deleted. If the token is not self-contained (the information about the token is stored on the server), then you need to tell the server to delete the token for you when the user logs out. |
Hi, I'm David
I read almost discussion about refresh token. It feel it has some problem.
At now, I have a some question of re-issue token.
Also, I got a principle the issued token do not destory.
If the situation is about log-out, sign out or prolong expire day, etc.., then how about re issue of token from web server? Just re-issue
Because I heard JWT does not have token-store. And issued token dose not destory. I think just the token will re-issue for log-in/out and just issued token string remove for drop out.
Is it having a some problem???
The text was updated successfully, but these errors were encountered: