logout in nestjs | NestJS | Page 1

opaque nebula Nov 30, 2023, 10:47 PM

#

hi, im trying to implement a logout function on my own. im new to nestjs. so basically when the request goes to logout, i add the token to a blacklist in the db and i have to verify if the token already exists in the blacklist on subsequent request using a guard. but my question is: when should i remove that token blacklisted from the db?

wise sparrow Nov 30, 2023, 11:07 PM

#

When the token is expired

opaque nebula Nov 30, 2023, 11:09 PM

#

wise sparrow When the token is expired

so i should use a cron?

wise sparrow Nov 30, 2023, 11:11 PM

#

That's an option

opaque nebula Nov 30, 2023, 11:47 PM

#

wise sparrow That's an option

what would be another option?

wise sparrow Nov 30, 2023, 11:48 PM

#

On checking if it's in the blacklist you could check the expiration time too (if the token is there) and if it's expired delete the token from the blacklist

#

Little more intensive on the request side

#

Also, generally, should only be going to check the blacklist if the token is valid, so that wouldn't necessarily be an issue anyways. Though you could, on an expired token, just fire a DELETE query that may or may not delete a token anyways, while returning the 403 response.

#

Just a few other options 🙂

#logout in nestjs