Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Please add session as a middleware in droplet.json #5

Open
Aman-US-Punjabi opened this issue Jun 20, 2017 · 1 comment
Open

Please add session as a middleware in droplet.json #5

Aman-US-Punjabi opened this issue Jun 20, 2017 · 1 comment

Comments

@Aman-US-Punjabi
Copy link

https://github.com/anthonycastelli/Vapor-JWTAuthorization/blob/master/Config/droplet.json#L35

Also, I tried to logout but still after logging out, I'm able to access Secured Routes, dont know what to do, any clue?

Thanks for your time.

@rgkobashi
Copy link

@Aman-US-Punjabi I ran into the same problem, I am assuming you are still sending the token on the request after logging out (like me), if so, the PayloadAuthenticationMiddleware will authenticate him again (you can see that on the source code).
And it will succeed because the token is still valid, what you can do is when the user logs out, invalidate that token. There is a lot of information about how to invalidate tokens. I will write it here but I'm still looking into that 😅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants