The method name is invalid or deleted.
const data = { test: 1 };
const token = jwt.sign(data, 'shhhh', { expiresIn: 100 });
const invalidate = jwt.invalidate(token, privateKey);
const old_token = jwt.verify(token, 'shhhh');
// { test: 1 }
console.log(data);
// { error: "Invalid/deleted token, create a new" }
console.log(invalidate);
or something like this.
Most of developers doesn't understand that there is no way to invalidate the token in a stateless system. To do that you must introduce a... state. For example you can implement white- or blacklisting of tokens and check every request against this list. Or introduce a session. But well, this is never a part of an jwt library like this one. Look for example at Single Sign Out.
Tks for replying to me about this issue.
I didn't know jwt and didn't know its features completely.
Most helpful comment
Most of developers doesn't understand that there is no way to invalidate the token in a stateless system. To do that you must introduce a... state. For example you can implement white- or blacklisting of tokens and check every request against this list. Or introduce a session. But well, this is never a part of an jwt library like this one. Look for example at Single Sign Out.