same token generated every time for same user
prasadyeole03 opened this issue · 1 comments
prasadyeole03 commented
HI I'm using drf-social-oauth2 in one of my project to generate an auth token for social login users. but after logout and blacklisting the old token. when I again generate auth token i'm getting same token as old.
wagnerdelima commented
Right, that is the correct behavior of the application flow. How are you exactly blacklisting the token?
So, the flow works as follows, the token is generated with a certain expiry date. If you request a new token and the new old token is still valid, the application will give you the old token (as there is no need to create a new token).