Y
Hacker News
new
|
ask
|
show
|
jobs
by
Normal_gaussian
3478 days ago
If you see a suspicious usage pattern then force a login by invalidating the tokens. Allowing indefinite refreshing is a feature and a drawback of this method.