Destroy Token - Githubissues

Tmeister / wp-api-jwt-auth

A simple plugin to add JSON Web Token (JWT) Authentication to WP REST API

GNU General Public License v2.0

560 stars 161 forks source link

Destroy Token #275

Closed tablangdelio closed 1 year ago

tablangdelio commented 1 year ago

Invalidate when user logout

Tmeister commented 1 year ago

The token can't be destroyed.

To invalidate a token, we need to start keeping track of the tokens issued by the system and then add extra validations to invalidate a token, and that feature is out of the plugin's scope today.