3

I have JWT already stored in the user's browser's local storage. I have set the JWT's expiration date to be on in 7 days using nodejs/express.

Will the browser detect the expiration date and automatically remove it from the local storage? or will my server have to check the JWT and remove the expired JWT from the user's browser's local storage?

sdfdsf sdf
  • 383
  • 1
  • 5
  • 12
  • 2
    Possible duplicate of [When do items in HTML5 local storage expire?](https://stackoverflow.com/questions/2326943/when-do-items-in-html5-local-storage-expire) – Tim Roberts Nov 15 '17 at 22:15

1 Answers1

2

Local storage does not have an auto-expiring feature so the browser will not remove the JWT from local storage. It will be up to you or a library to inspect if a JWT has expired and remove it. There is no harm in leaving an expired JWT in local storage as once it has expired no one can use it.

Shane Rowatt
  • 1,951
  • 3
  • 27
  • 44
  • Wouldn't it be wise to set the local storage item to clear with the same time interval the jwt was set to expire? Otherwise the user will accrue expired jwt's in their cache. Not the end of the world, but not ideal. – Len Joseph Apr 03 '19 at 13:13