ali-bouali / spring-boot-3-jwt-security

Sample project on how to implement JWT-based security using Spring Boot 3 and Spring Security 6
https://aliboucoding.com/p/securing-your-spring-boot-3-0-applications-with-json-web-tokens-jwt
Apache License 2.0

Logout #14

Closed sunshinebulb394 closed 1 year ago

sunshinebulb394 commented 1 year ago

Do you need to create a controller for the logout URL?

Lunatix01 commented 1 year ago

Do you need to create a controller for the logout URL?

Even though it might be very late and the issue is closed, I want to point this out for others:

You cannot manually expire a token after it has been created. You cannot log out with JWT on the server side as you do with sessions. There are some techniques to do that, for example blacklisting tokens and saving the blacklisted tokens in a DB; the most efficient way is using Redis, since it's a fast in-memory key-value database.