Don't allow deleted users to use valid JWT #31
Loading…
Reference in New Issue
There is no content yet.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?
When a user is deleted, their JWT can still be valid for a few minutes. This allows them to log in using a non-existent account, which is a big no no, so we gotta find something to fix this.
Probably related to #30.
Do'nt allow deleted users to use valid JWTto Don't allow deleted users to use valid JWT