0
hungvt created
Hi team, When i logout in angular, i using token copy from access_token in Local Storage to call api service by Postman. Reponse status is 200. How to prevent using access_token reuse when logouted? (Return 401) Thank!
- ABP Framework version: v3.1.2
- UI type: Angular
- Tiered (MVC) or Identity Server Seperated (Angular): yes
- Exception message and stack trace:
- Steps to reproduce the issue:
2 Answer(s)
-
0
Hello @hungvt,
It is related with your access token lifetime. Access Tokens used in frontend should have short life span and your application should be silently renewing it when required.
What is the point of using tokens instead of username/password if you'll keep it valid for 3 years, right?
-
0
Is it necessary to store tokens in Local Storage? Or in cookies? Isn't it possible to use headers only?