Hi I am using ADmad/cakephp-jwt-auth Plugin. I want to expire user token when user logout can any one please guide me.
did you got solution?
Me two i have issue on this. please help
That’s not how standard JWT works. A typical JWT token includes the username and an expiry time; there’s no session details included. To invalidate them on logout would mean adding session information. From the documentation, it appears that this could be possible:
You can set the
falseto directly return the token’s payload as user info without querying datasource for matching user record.
But you’d presumably have to do some custom coding to check the resulting payload info against your sessions table.