JWT Invalidation on Sign Out:
Implemented the logic to invalidate the refresh token by setting its expiration to zero using the set_exp() method. This ensures that the refresh token becomes unusable after logout without the need for a token blacklist. Additionally, we handled the invalidation of the access token, ensuring the user's session ends securely.
Sign Out API Endpoint:
Created a SignOutView that handles POST requests to log out the user. The view processes the refresh token, invalidates it, and returns an appropriate response indicating the success or failure of the operation. Cookies containing the access and refresh tokens are deleted upon successful logout.
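
A regression check for the sign-out behaviour described above, as an added example that is not code from this change. It uses a minimal standard-library HS256 verifier (the key, claims and function names are constructed for illustration) to compare a server-side token copy whose exp was set to zero with the string originally issued to the client, under purely stateless verification.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # constructed signing key, not from the page


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def encode(payload):
    """Sign a payload as a compact HS256 JWT."""
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(payload).encode())
    sig = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64(sig)}"


def is_valid(token, now=None):
    """Stateless verification: signature and exp only, no server-side lookup."""
    try:
        head, body, sig = token.split(".")
        expected = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _unb64(sig)):
            return False
        exp = json.loads(_unb64(body))["exp"]
    except (ValueError, KeyError, TypeError):
        return False
    return (time.time() if now is None else now) < exp


def logout_check(now):
    """Issue a refresh token, zero the exp on a server-side copy, verify both."""
    issued = encode({"sub": "user-1", "type": "refresh", "exp": now + 86400})
    claims = json.loads(_unb64(issued.split(".")[1]))
    claims["exp"] = now  # lifetime of zero, as in the logout logic described above
    zeroed_copy = encode(claims)
    return {"zeroed_copy": is_valid(zeroed_copy, now),
            "originally_issued": is_valid(issued, now)}
```

With only signature and exp checks, the re-signed copy is rejected while the issued string is judged on its own exp claim; an integration test of the sign-out endpoint should assert that the refresh token the client actually held is refused afterwards.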