You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You can use the unset function in PHP to destroy a JWT token stored in a session, as shown in your provided code. This will effectively remove the token from the session, making it invalid for future requests.
@gamotmohit that's because the tokens are not stored anywhere by this library. So destroying them would depend on your implementation.
JWTs are created by this library in memory only. Because they are signed, the only way to destroy them would be to remove them from memory, or from whatever cache you're using.
If you have a more specific question, such as how to rotate the keys you are using to sign, try reading up on best practices for securing your application. Good luck!
There is no code available which can tell how can we destroy JWT token on server in PHP.
The text was updated successfully, but these errors were encountered: