Hi
Even after logout at REACT client end (logout() from auth0), my node server is still accepting Access tokens (I’m checking token expiry and verfying sign):-
if (decodedJwt.payload.exp < currentTime || decodedJwt.payload.iat > currentTime) return 403;
jwt.verify(jwtoken, signingKey, {'algorithms': decodedJwt.header.alg}, (error) => { return 403; }
So how can I detect that token in request is stale or flushed/blocked by auth0?
Thanks