search

tymondesigns / jwt-auth

🔐 JSON Web Token Authentication for Laravel & Lumen
https://jwt-auth.com
MIT License
11.29k stars 1.54k forks source link

how automatically redis key generated on my server ? #2204

Open jignesh-ob opened 1 year ago

jignesh-ob commented 1 year ago

Subject of the issue

automatically fake redis key generated with empty value in Laravel Framework 5.4.36

Your environment

Q how automatically redis key generated on my server ?
Bug? yes
New Feature? no
Framework Laravel
Framework version 5.4.36
Package version 2.5.1
PHP version 7.4.3

Steps to reproduce

in my server i use the redis server for cache and also use some libraries redis, predis, jwt and zizaco entrus, also see with specific version like bellow in my project composer.json file

"require": {
   "illuminate/redis": "5.4.*",
   "predis/predis": "^1.1",
   "tymon/jwt-auth": "0.5.*",
   "zizaco/entrust": "5.2.x-dev"
},

i attached the screenshot about the fake empty redis key automatically generated and my redis server is going high and i face the issue enter image description here

so how can i solve it?

Expected behaviour

i expected what exactly going on this issue, how and when it's created fake redis key with empty data

Actual behaviour

i try to resolve this issue in my code review and i can't not get solution

moxesh-gandhi commented 1 year ago

If I invalidate the jwt token with the invalidate method then a random 16 digit redis key is generated and its value is empty. How to stop creating these empty redis keys. What should I use on the logout action if the invalid token blocking method is not appropriate