Open nadnoslen opened 6 years ago
It would be ideal to create a worker that tracks the success or failure of refresh tokens. On malicious refresh attempts, we should also find the Session from the supplied RUID and mark it as invalidated.
Session
It would be ideal to create a worker that tracks the success or failure of refresh tokens. On malicious refresh attempts, we should also find the
Sessionfrom the supplied RUID and mark it as invalidated.