Closed prasadyeole03 closed 2 years ago
Right, that is the correct behavior of the application flow. How are you exactly blacklisting the token?
So, the flow works as follows, the token is generated with a certain expiry date. If you request a new token and the new old token is still valid, the application will give you the old token (as there is no need to create a new token).
HI I'm using drf-social-oauth2 in one of my project to generate an auth token for social login users. but after logout and blacklisting the old token. when I again generate auth token i'm getting same token as old.