Hacker News new | past | comments | ask | show | jobs | submit login

Revocation was something I did consider, but I am just using a users password hash as the token key, that way when the user changes his password, all previous tokens are invalidated.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact