Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Invalidation of tokens #13
Created tokens should have a user-specific nonce which is also stored in the User object. When a user changes it's password, or when the user is enabled/disabled, this nonce should be updated (incremented for example, or synced with time), thus invalidating all existing tokens for this user.