learn hapi — A Better Place to Invalidate Tokens

The previous tutorials on basic JWT logout and immediate JWT logout focused on the functionality to invalidate tokens. They didn’t focus on project architecture, clean code, or where to apply actions.

That’s what you’ll change in this tutorial: refactor your code to find a better place to revoke the JWT and refresh token. At this point, you’ve spread the calls to invalidate tokens in an authentication strategy and route handlers.

You’ll move the functionality to a middleware. You’ll create two middlewares revoking JWTs and refresh tokens. The routes that rely on token revocation will then use the middleware.

hapi Series Overview


Continue reading

University Enrollment Required

Future Students benefit from value packed videos and tutorials.

Enroll to receive exclusive content or sign in if you’re already a Future Student.

Enroll me for $15/mo

Explore the Library

Find interesting tutorials and solutions for your problems.