Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Logout does not work!

See original GitHub issue

When I try to logout, it will show a SUCCESS message for logout.

{ “data”: “Log out successful”, “success”: true, “timestamp”: “2020-07-06T07:55:10.948Z” }

However still the old token is usable and I can access to data via /user/me with the old token!

Issue Analytics

State:
Created 3 years ago
Comments:6 (6 by maintainers)

Top GitHub Comments

1reaction

mjzacommented, Jul 7, 2020

Dear @isopropylcyanide, I tested the app. It works perfect. Thanks.

1reaction

isopropylcyanidecommented, Jul 7, 2020

Logout is by design, achieved here through a stateless mechanism. When you carry no state, there are always trade offs. Hence, if you lose or compromise your token (using it even after a server logout), all is lost. You can read about what happens when you lose a token here
I’m sure the invalidation of a JWT token would be a solved problem (through external means only). You can look around for implementations online. Although I think I can provide a trivial implementation here. Will take some time out today and try to code it up.
Thank you for your comment on the codebase being clean.