You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In our current implementation of the auth middleware, we don't have a notion of the session token being invalidated or blacklisted, we only check that the JWT is valid using the verify function inside the jsonwebtoken library. This means that even if a user logout from the backend their token will still be valid until the time set on it expires.
The text was updated successfully, but these errors were encountered:
In our current implementation of the auth middleware, we don't have a notion of the session token being invalidated or blacklisted, we only check that the JWT is valid using the
verifyfunction inside thejsonwebtokenlibrary. This means that even if a user logout from the backend their token will still be valid until the time set on it expires.The text was updated successfully, but these errors were encountered: