by lfrodrigues 3521 days ago
Token based auth doesn't need to be stateless. In fact in our current implementation it is not.

If you use stateless tokens like JWT (we had this before), you end up having a huge problem: imagine a user wants to log out all the open accounts in different browsers.

How would you handle that? You would need to wait for the expiration of the token, a solution that is not that secure.

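To make the distinction in the post above concrete, here is an added example (not code from the commenter or from any project mentioned) contrasting a server-side token registry, which can invalidate every session of a user at once, with a self-contained HMAC-signed token in the style of a JWT, which stays valid until its embedded expiry because the server keeps no record of it. The minimal token format, the `StatefulTokenStore` / `StatelessSigner` class names, the key and the `now` timestamps are all constructed for the demo.

```python
"""Stateful token registry vs. stateless signed token: why "log out everywhere" needs state."""
import base64
import hashlib
import hmac
import json
import secrets
import time


class StatefulTokenStore:
    """Server-side registry: every issued token is recorded with its user,
    so a "log out from all sessions" request can drop them all at once."""

    def __init__(self):
        self._tokens = {}  # token -> (user_id, expires_at)

    def issue(self, user_id, ttl_seconds=3600, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # opaque, unguessable handle
        self._tokens[token] = (user_id, now + ttl_seconds)
        return token

    def validate(self, token, now=None):
        now = time.time() if now is None else now
        entry = self._tokens.get(token)
        if entry is None:
            return None
        user_id, expires_at = entry
        if now >= expires_at:
            del self._tokens[token]
            return None
        return user_id

    def revoke_all(self, user_id):
        """Invalidate every live session of one user (laptop, phone, ...)."""
        doomed = [t for t, (u, _) in self._tokens.items() if u == user_id]
        for t in doomed:
            del self._tokens[t]
        return len(doomed)


class StatelessSigner:
    """Self-contained HMAC-signed token (a deliberately minimal JWT-like format).
    The server stores nothing; validity rests only on the signature and 'exp'."""

    def __init__(self, key: bytes):
        self._key = key  # constructed demo key, not a real secret

    def _sign(self, payload: bytes) -> bytes:
        mac = hmac.new(self._key, payload, hashlib.sha256).digest()
        return base64.urlsafe_b64encode(mac).rstrip(b"=")

    def issue(self, user_id, ttl_seconds=3600, now=None):
        now = time.time() if now is None else now
        claims = json.dumps({"sub": user_id, "exp": now + ttl_seconds}).encode()
        payload = base64.urlsafe_b64encode(claims).rstrip(b"=")
        return (payload + b"." + self._sign(payload)).decode()

    def validate(self, token, now=None):
        now = time.time() if now is None else now
        try:
            payload, sig = token.encode().split(b".")
        except ValueError:
            return None
        if not hmac.compare_digest(sig, self._sign(payload)):
            return None  # tampered or forged
        padded = payload + b"=" * (-len(payload) % 4)
        claims = json.loads(base64.urlsafe_b64decode(padded))
        if now >= claims["exp"]:
            return None
        return claims["sub"]

    def logout_everywhere(self, user_id):
        # Nothing the server can do: it has no list of issued tokens. Every
        # token already handed out stays valid until its 'exp' passes.
        return 0


def demo(now=1_700_000_000.0):
    """Run the thread's scenario: one user logged in on two devices, then 'log out everywhere'."""
    store = StatefulTokenStore()
    laptop = store.issue("alice", now=now)
    phone = store.issue("alice", now=now)
    revoked = store.revoke_all("alice")
    stateful_after = (store.validate(laptop, now=now), store.validate(phone, now=now))

    signer = StatelessSigner(b"constructed-demo-key")
    signed = signer.issue("alice", now=now)
    signer.logout_everywhere("alice")
    stateless_after = signer.validate(signed, now=now)            # still "alice"
    stateless_expired = signer.validate(signed, now=now + 3601)   # None only once exp passes
    tampered = signed[:-1] + ("A" if signed[-1] != "A" else "B")
    tampered_result = signer.validate(tampered, now=now)
    return {
        "revoked": revoked,
        "stateful_after_logout": stateful_after,
        "stateless_after_logout": stateless_after,
        "stateless_after_expiry": stateless_expired,
        "tampered": tampered_result,
    }


if __name__ == "__main__":
    print(demo())
```

The stateful store answers a logout-all request immediately for every device; the signed token cannot be recalled, which is exactly the "wait for the expiration" gap the post points out. The usual mitigations for signed tokens (short lifetimes plus a server-side denylist or a per-user "not valid before" timestamp) all reintroduce state in some form.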

One solution is to store the token in localStorage, which supports events.

You can listen for localStorage changes in all your tabs. When it changes, force a page reload or similar.

Edit: typos

I think you didn't understand the issue. Imagine you want to implement a "logout from all my sessions" like Facebook or Google have (sessions on different devices).