implement v1/access/logout
Closed this issue · 3 comments
danielblagy commented
- invalidate token by storing it in cache until it expires (blacklist approach)
danielblagy commented
Blocked by #21
danielblagy commented
- cover access service with unit tests
- do #23 in this branch
- add documentation
danielblagy commented
FOR QA:
- implement
POST v1/access/logout- logs out the user - fix authorization bug: the error was not propagated properly from handler.authorize convenience function
- implemented #23, now if token has expired, status 401 unauthorized is returned with a message
token has expired: not authorized