feat: Invalidate access token on logout

2025-12-17 17:23:25 +03:00 · 2022-09-07 18:39:33 +05:00
parent f091de6827
commit 48ea62c0a0
26 changed files with 242 additions and 37 deletions
--- a/server/api/helpers/utils/create-token.js
+++ b/server/api/helpers/utils/create-token.js
@@ -1,3 +1,4 @@
+const { v4: uuid } = require('uuid');
 const jwt = require('jsonwebtoken');

 module.exports = {
@@ -24,6 +25,9 @@ module.exports = {
        exp: iat + sails.config.custom.tokenExpiresIn * 24 * 60 * 60,
      },
      sails.config.session.secret,
+      {
+        keyid: uuid(),
+      },
    );
  },
 };