This repository was archived by the owner on Feb 25, 2019. It is now read-only.
Create mechanism for generic expiring tokens #168
Labels
Comments
|
It's worth considering using a JWT for this. There may be good reasons not to do that. If not, what type of value? Hash? Also, we may or may not want to persist these tokens. If persisted, they should have a TTL to keep from exploding the size of the database. |
|
Related: #160 |
|
Really like the way this is turning out. Thanks for pairing today. Awesome work! |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Many times, with use-cases such as e-mail verification, password reset, or other similar features, there is a need to make a generic expiring token that is then issued to the user for a particular purpose.
We need to provide some mechanism to enable this, rather than reimplementing this logic for every possible feature.
The text was updated successfully, but these errors were encountered: