bian2510
Hello there, I need help to signout or revoke token to my API phoenix with Guardian
Hi, I’ve an API and I’m using guardian to authenticate users, I can login correctly, but when I try logout nothing is happening.
I’m using this function of Guardian Guardian.revoke/2 I’m passing the connection and the token, (inclusive in some test I’ve hard coded the correct token). This not trow any error, but when I try go to other protected route with the same token, I can access to this route. How I could revoke this token?
Marked As Solved
pmangalakader
# revoke a token (use GuardianDb or something similar if you need revoke to actually track a token)
{:ok, claims} = MyApp.Guardian.revoke(token)
The above comes from the official docs.
https://github.com/ueberauth/guardian
@bian2510 This is more effective if you’re using the GuardianDB from the server side. If you’re not using GuardianDB, you probably need to clear the token from the cookie or cache for it to work.
Also Liked
derek-zhou
In a typical web application you do not revoke a token but rather delete the token from the client storage, therefore log the user out.
If you really want to revoke a token, like in the case that you don’t control the client, you will have to keep the revoked token in a persistent storage and check to make sure the token you encounter is not one of the revoked. I haven’t done that myself; Guardian will not do that for you, just provide some hooks so you can implement it yourself.
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance










