I never said you should store them as plain text. Encrypt them and when an API call comes in, decrypt the generated string to find out which access token it is.
Generate an ID for your access token then encrypt("ID" + "creation time") with your app secret.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Store keys in plain text in the database? Seems like it might open up some kind of vulnerability.
I never said you should store them as plain text. Encrypt them and when an API call comes in, decrypt the generated string to find out which access token it is.
Generate an ID for your access token then encrypt("ID" + "creation time") with your app secret.