I'm developing a Rest API, using JWT for authentication. Whenever user logs in with username, password, they get a JWT, which they'll use for subsequent API calls. It's kinda standard flow, I believe.However, how to give user the ability to see active sessions (each session having say, IP, location, user agent, last usage time) and ability to log out of each session individually? I know one way I can do that is by keeping session information in a table, but I think that will be against REST convention, and also, then using JWT will be kinda pointless. Is there any better (and clever) way to solve this problem?Any suggestion will be appreciated.Thanks in advance!
Submitted June 14, 2020 at 07:10AM by arpanbag001
No comments:
Post a Comment