I am a deeply motivated Web developer, with strong knowledge in Node.js, React, Vue, MongoDb. I like studying new and awesome technologies and accomplish approaches with them in projects.
Awesome article, thanks!
But there is one more way to revoke JWT. You can store revoked JWT (any of the types described in the article ) and check if the JWT is still valid. It obviously requires additional step and slow down performance, but it is alternative to changing secret.
Yes...it can be considered. I have mentioned this in the next article. Not great for performance but if you're storing in Redis, it's not the worst option.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Awesome article, thanks!
But there is one more way to revoke JWT. You can store revoked JWT (any of the types described in the article ) and check if the JWT is still valid. It obviously requires additional step and slow down performance, but it is alternative to changing secret.
Yes...it can be considered. I have mentioned this in the next article. Not great for performance but if you're storing in Redis, it's not the worst option.