8000 🐛 Bug Report: JWT still valid after Session Timeout · Issue #8000 · appwrite/appwrite · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
🐛 Bug Report: JWT still valid after Session Timeout #8000
New issue
New issue
Open
Open
🐛 Bug Report: JWT still valid after Session Timeout#8000
Assignees
Souptik2001
Labels
bugSomething isn't workinggood first issueGood for newcomersproduct / authFixes and upgrades for the Appwrite Auth / Users / Teams services.
@jschmidtww

Description

@jschmidtww
jschmidtww
opened on Apr 22, 2024

👟 Reproduction steps

I use JWT to authenticate a user on my API server. I use the /account endpoint to verify the JWT. If the user is logged out because the session has expired, the JWT is still valid and I still get a successful response when I call /account with the user's JWT.

👍 Expected behavior

The JWT should be invalid after the user is logged out and calling /account with users JWT should throw an error.

👎 Actual Behavior

Calling /account with the users JWT gives a successful response.

Discord thread: https://discord.com/channels/564160730845151244/1221805690050445362

🎲 Appwrite version

Version 1.4.x

💻 Operating system

Linux

🧱 Your Environment

I use Self-Hosted Appwrite Version 1.4.13

👀 Have you spent some time to check if this issue has been raised before?

  • I checked and didn't find similar issue

🏢 Have you read the Code of Conduct?

Metadata

Metadata

Assignees

Labels

bugSomething isn't workinggood first issueGood for newcomersproduct / authFixes and upgrades for the Appwrite Auth / Users / Teams services.

Type

No type

Projects

1.5 release

Status

In Progress

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    0