BIMserver icon indicating copy to clipboard operation
BIMserver copied to clipboard
verified publisher icon opensourceBIM

Invalidation of tokens

Open rubendel opened this issue 12 years ago • 0 comments

Created tokens should have a user-specific nonce which is also stored in the User object. When a user changes it's password, or when the user is enabled/disabled, this nonce should be updated (incremented for example, or synced with time), thus invalidating all existing tokens for this user.

rubendel avatar Sep 04 '13 09:09 rubendel