amrav
commented
9 years ago @jonathana This isn't what restify-jwt is intended to do. Its only job is to pull out the JWT, decode it, and attach it to the request.
I think your use case is best implemented as custom middleware after restify-jwt.
I want to add the ability to send only a minimal number of values in the JWT token but still track more data server-side in a persistence store like e.g. redis. I have added the enhancedLoadCallback option to the middleware to enable the ability, after a JWT has been successfully decoded, to do additional operations based on the content of the JWT. Unit tests show a very simple example of "expiring" a session server-side, as well as enhancing one with fixed data in code.