DEV Community

Discussion on: Remaining Stateless - Using Redis for token blacklisting in Node JS

Collapse
 
thegarlynch profile image
thegarlynch

you can also set expiration date for blacklisted item too. it will cause, lesser storage theoritically because you need to invalidate explicitly by logout. but it needs
"appendfsync always". otherwise, blacklisted item unintentionnally disappeared and make it worse than having authenticated token disappeared (since you can always login)