This is an interesting question. This question enlights some possibilities: http://stackoverflow.com/questions/21978658/invalidating-json-web-tokens But none of then gives is a definitive solution. Does anyone have other ideas about the subject? On May 1, 2015 10:13 AM, "Nabeel Valapra" <[email protected]> wrote:
> I have prior experience in Django. Recently I got a project to build in > REST architecture. I learned the basics of Django Rest Framework. But I am > stuck with the authentication system. > > I planned serve my frontend in anguarjs an host it on app.mydomain.com, > and the DRF on api.mydomain.com. So all the end application (android, > IOS) can pull the the data from api.mydomain.com > > Here I don't want to use session authentication system, it doesn't play > nice with CORS. I am more interested on JSONWebToken than Token Based > Authentication because its signed and allows refresh token option too. > > But, 1. How do I invalidate the existing tokens on password change? 2. How > to destroy the token in a mobile lost scenario? > > Is there any better authentication solution? > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/fabc7ac3-7343-48dc-8cfe-db909a5d6795%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/fabc7ac3-7343-48dc-8cfe-db909a5d6795%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAA-QWB1Bj9gQfv7oCXH_PnZGeS%2B0m-dmfELXG9y0XXUEy2GuoQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
