Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC

Activities of "parviz"

Hi dears, I have a question about ASP.NET Core Web Api + Angular4 template. You are using JWT for authentication. My question is about it. If I change password or something about the user JWT validation have to fail and new JWT token should be needed. (f.e. security reasons, user blocked, password changed). Currently in your template validation fails only when expire date reaches. In our project we have strict rules for such cases. What should we use in order to invalidate current user token if something(f.e. password, username) about user changed ? P.S. When generating JWT token a number of claims is used. For example: username, role, security stamp. Are this claims validated also then JWT token validated ? I think no. Because I changes the username and token still successfully validated or when password is changed new security stamp generated. But token still successfully validated. I think it is a big problem.

Showing 1 to 1 of 1 entries