Y
Hacker News
new
|
ask
|
show
|
jobs
by
nileshtrivedi
3529 days ago
How to implement this if the token is not stored in database at all (eg. JWT)? As far as I know, enforcing one-time-use only requires storing a bit in backend.
1 comments
anton_gogolev
3529 days ago
If you could somehow encode the value of "PasswordLastUpdatedAt" in your token, you will then could have truly "stateless" tokens.
link