How to logoff/logout or expire a JWT Token (not expire) ?

[rpossan]

I tried to log out using the sorcery method (logout) but it just updates some columns from the user but if I continue using the JWT token it will be valid until it expired by the date, not respecting the logout method.
Any idea?

[hayfever]

Token invalidation is unfortunately beyond the scope of what I set out to do here, https://waiting-for-dev.github.io/blog/2017/01/24/jwt_revocation_strategies has been my reference for when I need to invalidate tokens.

A new version of sorcery is being worked on that should include some mechanism to handle this, you can follow the progress here: Sorcery/sorcery-rework#9