Srikanth
Reputation: 147
How to expire token for user in token based authentication for Web API
Recently I created token based authentication for my Web API project following an Article here I am able to create the token and able to validate the token as well. But when user logged out we are removing the token from user device, if the user saved the token before we remove that token, it still valid until it reaches the expiration time, which leads less security for the API
Can any once suggest how can I expire the the issued token. (as we have huge user database we are not storing any tokens in database.)
Upvotes: 3
Views: 1570
Answers (1)
Nivas Pandian
Reputation: 424
You can clear cookies and entire session if exists any !
Request.GetOwinContext().Authentication.SignOut();
Request.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.Current.GetOwinContext().Authentication.SignOut(Microsoft.AspNet.Identity.DefaultAuthenticationTypes.ApplicationCookie)
Upvotes: 1
Related Questions
- OAuth2 WebApi Token Expiration
- asp net web api Authentication token expiration?
- Handling access tokens expire time
- Bearer token that never expires
- ASP.NET Web API Authorization tokens expiring early
- How i can expire the access-token manually or forcefully generated by my own web API
- ASP.Net Web Api how to change token expiration time in runtime
- Manually expire JWT token from server - WEB API 2
- How to prolong token expire date after each request(i use WebApi bearer token)
- web api - asp.net identity token expires even for the subsequent request