Refresh Tokens
pedrogcsb opened this issue · comments
Hey!
Any idea how can we remove / delete refresh token from DB if expired?
Hi, this seems to be a task for a cleanup activity. Can be performed by any background asynchronous process. You can write a scheduled job or a cron that does it for you.
I would suggest to store Refresh Token in Cache with TTL(Time to live) same as refresh token expiry, token gets deleted automatically when expired also there are some advantages using cache instead of DB for refresh tokens
@abdurrehmansyeds Thanks. Although straightforward, purging refresh tokens is outside the scope of the initial project. A variant of this is already done here #13