0

I am using JWT for authorisation of my application and stored the Token in local storage because my application in ReactJS with a backend of goLang.

I don't want to store the token in my DB but I have removed the token from local storage while logout.

but with this, I am facing the issue as per below.

I removed the token from local storage while logout but the user still accessible their token if he copied or hit the request using postman or any other application for rest APIs until token expired so I want to forcefully expire the toke while logging out so what can I do for this.

So what can I do for this?

Karmdip joshi
  • 140
  • 2
  • 14
  • 1
    you can add one status flag like isLogout in your database and update it to true/1 when user want to logout.for that you need to create /logout api – Prakash Karena Jan 10 '20 at 06:39
  • Hello @PrakashKarena, It's a good idea but I don't want to change in DB due to some critical structure of DB. if is it possible then I also stored the token in DB and removed on logout but. I can't any single change in DB. it's retreating me. – Karmdip joshi Jan 10 '20 at 06:53

1 Answers1

0

You have to manage those tokens by yourself. Here is a link for some ideas.

Kaushal Madani
  • 78
  • 1
  • 6