Zejwier
TTCTheo's Typesafe Cult
•Created by Jimmy Page on 12/27/2024 in #questions
JWT with long-lived Refresh Tokens
So there is no need to keep the old ones to block them cuz they don't have access anyway
76 replies
TTCTheo's Typesafe Cult
•Created by Jimmy Page on 12/27/2024 in #questions
JWT with long-lived Refresh Tokens
It gets leaked then you replace it, old ones are by definition blocked cuz there is a new one in their place
76 replies
TTCTheo's Typesafe Cult
•Created by Jimmy Page on 12/27/2024 in #questions
JWT with long-lived Refresh Tokens
Ok, but would a user need more then 1 refresh token per device? Also why do you want to keep track of all the previouse ones?
76 replies