You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@Aman-US-Punjabi I ran into the same problem, I am assuming you are still sending the token on the request after logging out (like me), if so, the PayloadAuthenticationMiddleware will authenticate him again (you can see that on the source code).
And it will succeed because the token is still valid, what you can do is when the user logs out, invalidate that token. There is a lot of information about how to invalidate tokens. I will write it here but I'm still looking into that 😅
https://github.com/anthonycastelli/Vapor-JWTAuthorization/blob/master/Config/droplet.json#L35
Also, I tried to logout but still after logging out, I'm able to access Secured Routes, dont know what to do, any clue?
Thanks for your time.
The text was updated successfully, but these errors were encountered: