How to expire token for user in token based authentication for Web API
Question
Recently I created token based authentication for my Web API project following an Article here I am able to create the token and able to validate the token as well. But when user logged out we are removing the token from user device, if the user saved the token before we remove that token, it still valid until it reaches the expiration time, which leads less security for the API
Can any once suggest how can I expire the the issued token. (as we have huge user database we are not storing any tokens in database.)
1 answers
solution1
0 2018-10-08 12:10:20
You can clear cookies and entire session if exists any !
Request.GetOwinContext().Authentication.SignOut();
Request.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.Current.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.