diff options
author | Frederick Muriuki Muriithi | 2024-05-06 07:31:42 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-05-06 07:31:42 +0300 |
commit | ab04428463518d05594491ca159f5ab0d7575721 (patch) | |
tree | f541a058e057320f4065e189b315cc9e0b2952dd /setup_commands | |
parent | 51e3a545d7380e5b1983b0a1e8b5088a88efe522 (diff) | |
download | gn-auth-ab04428463518d05594491ca159f5ab0d7575721.tar.gz |
Add `jti` claim
Have each JWT token have a `jti` claim (JWT ID) to help with tracking
refreshes, and therefore validity of the JWTs.
If a refresh token is used more than once, then that refresh token,
and all its progeny/descendants are considered invalid, since that
token could have been stolen.
Diffstat (limited to 'setup_commands')
0 files changed, 0 insertions, 0 deletions