Is your feature request related to a problem? Please describe.
Since we're using http-only cookies, frontend app cannot remove access and refresh tokens upon logging out.
Describe the solution you'd like
We need a logout API that removes access and refresh tokens.
Also, we need to somehow revoke the refresh token to prevent using it to generate new access tokens.
IanMayo
commented
2 months ago
Is your feature request related to a problem? Please describe. Since we're using http-only cookies, frontend app cannot remove access and refresh tokens upon logging out.
Describe the solution you'd like We need a logout API that removes access and refresh tokens. Also, we need to somehow revoke the refresh token to prevent using it to generate new access tokens.
Describe alternatives you've considered N/A
Additional context N/A