DHara: node.js - Invalidate JWT Token in NodeJS -

Saturday, 15 June 2013

node.js - Invalidate JWT Token in NodeJS -

I used to use the JWT token behind it, the token has expired only for 5 minutes, but what if Do I want to invalidate the token after using 1 minute? I want to be able to call an API call at / api / logout and it should remove my token.

I am using Express and Node

It seems that what I can collect to do is my option tokens DB that stores tokens. When I want to end my token, I finish / ends the token with DB.

I have physically seen the tokens being "removed" with hard work, but I did not know where the token was physically stored for me to remove. The general advantage of

Token Authentication is that the token can contain information from all sessions that you can usually put in your session store. It saves a lot of resources, especially in the request-to-response time, because you do not have to see session data on every request - the customer gives you all that.

However, this does not cost you the ability to cancel the JWT token at one time because you lost track of the state .

A clear solution to place an illegal token list somewhere. Your database type removes the above mentioned benefits because you have to consult the database on every request.

A better option would be for the short-term JWT Token , i.e. token valid for only one minute web application, an average user can make several requests in a minute Is navigating around). You can give each user a JWT token which will be left for a minute and when there is a request with an expired token, ~~you will give them a new issue.~~

Update : Issuing a new access token after launching an expired token is a bad idea - you invalidate an expired token Should behave as if it is forged. Better view is that the customer exists, to prove the identity of the user, and then only release new access tokens. Note that confirmation of a fresh token should be an important operation, i.e. you should have a list of all valid fresh tokens for every user anywhere in their database, because if the agreement with the refresh token has been reached, then that user Should be a means of making tokens illegal.

Posted by Unknown at 03:22
Email This BlogThis!Share to X Share to Facebook Share to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

About Me

Unknown

View my complete profile

Blog Archive

► 2015 (1583)

► September (174)

► August (172)

► July (180)

► June (160)

► May (201)

► April (172)

► March (173)

► February (183)

► January (168)

► 2014 (1684)

► September (186)

► August (180)

► July (160)

► June (167)

► May (187)

► April (176)

► March (200)

► February (241)

► January (187)

▼ 2013 (1486)

► September (169)

► August (163)

► July (161)

▼ June (162)

sql server - Help with SQL to get Hits per day for...

merge - Using git, how to do a 'use theirs' during...

python - Overload a method with a function at runt...

c++ - How is memory allocated for a static multi-d...

POP3 connection string for livemail or gmail? -

c - First thread signal is not caught all others c...

c# - Detect Browser Close on Asp.net -

how to browse folder or file or directory using php -

String comparison in Ruby on Rails unit-test -

wpf - Set ItemsSource of a ComboBox to an Array of...

oracle - Configure Elmah to use existing stored pr...

java - Websphere - What is the best way to hide ws...

Round corners on images using Java and JAI -

java - How to access CSS properties for a DOM node...

c++ - Should I add .vcxproj.filter files to source...

c++ - Copy Constructor Needed with temp object -

architecture - Mapping vs. service layer, or busin...

javascript - Submit/Simulate keypress HTML -

What is Unit Testing for Web Development? -

mfc - How Do I embed a CFormView into another CFor...

visual studio 2010 - Unit Testing interface contra...

objective c - How to I style a UIToolbar to look l...

foreign keys - SQL query to find users that don't ...

How do I show only the graph of a chart (No Legend...

flickr - how can I get yesterdays date in unix for...

c# - WCF: Is there a way to return different datet...

LINQ to SQL, sorting by a related table -

asp.net - How does IsMobileDevice work? -

iphone - Controlling Number of Application Executi...

navigation - jQuery - Active Link and Parent Relat...

workflow - Developing in the cloud -

Interactive gantt chart component for flex -

how to customize the xsd that axis2 generates -

c# - Executing function located in code behind fro...

scala: PartialFunction with state -

c# - Resharper Colouring Variables In Red -

c# - Varying amount of dictionaries in a DataTable -

java - "No context factory" exception thrown when ...

How to order 1,2,3 not 1, 10, 11, 12 in mySQL -

search - Creating a web indexer in Java? -

javascript - jquery attr("onClick") - ie and ff -

Selecting an overall directory in HTML/PHP -

Append .html extension with php -

sql - Using a top 10 query to then search all reco...

javascript - Wrap textNodes without separating on ...

objective c - Check if text in UITextView went to ...

Python argparse helper section -

ios - UITapGestureRecognizer on SKNode: Converting...

php - I'm not able to send mail via mailgun using ...

javascript - How can I define a variable in a cont...

javascript - Recommended Node.js Azure Website set...

asp.net - c# deleting database entries through lis...

parse.com - Increment Likes in Objective-C / Parse...

jquery - How to change/add content inside javascri...

file upload - Uploading a folder of images with ra...

Download all files matching a mask from a remote F...

nginx - HTTPS + gzip: Is it a security vulnerabili...

javascript - How to use Sessions and Templates to ...

grails - Inconsistancy betwwen run-app and war exe...

php - Display folder for replace my domain -

java - Comparator compare() method sorting confusi...

python - Tkinter Canvas reset ID's -

php - Using flashvar inside actionscript -

android - Receiver capture power button presses -

oauth 2.0 - Integrate with Google button - what ha...

html - How to wrap text in table cell without wrap...

octobercms - October CMS Single page management -

c++11 - Clang intrinsics for _mm256_shuffle_epi32 -

c++ - k-rotated-shifted array and finding x? -

javascript - Is it possible to send google analyti...

java - Is there a way to make integration tests fa...

php - How to save files to a specific folder using...

html - Table will not show up under another table ...

java - GAE data store not returning entities -

int - Python comma and divide an integer -

java - Sort Array by Alpabetical order using Selec...

javascript - FullPage.js paddingTop issues on diff...

Call different set of random images based on scree...

sql - Count and select all dates for a specific fi...

Python - Selenium Web Driver error - self._driver....

interface builder - iOS Constraints. How to set im...

regex - Python search for specific word and show t...

sql - Generate dates between to date columns -

optimization - Algorithm for optimal load balancin...

javac compile error on java.lang.NoClassDefFoundEr...

web services - How to access the dataset on API Po...

shell - Checking a bash variable against multiple ...

java - Chose file name with Files.copy() -

excel - How to copy a weekly worksheet with a spec...

java - Why does "header.get() + footer.get()" resu...

r - Create several dummy variables from one string...

Copy 2 Git Repo Histories To New Parent Directory ...

How to stop rails from parsing json postgresql fie...

variables - PowerShell: Rotate multiple image file...

c# - Inserting data into a SQL Server express data...

node.js - Cannot create uri from simple jade form -

javascript - Load external resource before extendi...

javascript - enable/disable datepicker with dropdo...

wordpress - Htaccess redirection with special char...

java - Centrale and local Data base management -

► May (156)

► April (170)

► March (174)

► February (164)

► January (167)

► 2012 (1541)

► September (176)

► August (160)

► July (163)

► June (179)

► May (169)

► April (158)

► March (201)

► February (168)

► January (167)

► 2011 (1528)

► September (167)

► August (176)

► July (169)

► June (184)

► May (157)

► April (182)

► March (166)

► February (171)

► January (156)

► 2010 (1540)

► September (147)

► August (182)

► July (168)

► June (162)

► May (188)

► April (169)

► March (194)

► February (164)

► January (166)

~~Simple theme. Powered by Blogger.~~