This repository has been archived by the owner on Mar 23, 2018. It is now read-only.
Blacklist refresh tokens #10
Labels
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
A refresh token could be black listed for a variety of reasons such as a password reset or a user manually clearing their sessions.
The token verification middleware should check if a refresh token has been black listed by calling a method in the provided account model.
The text was updated successfully, but these errors were encountered: