5:["$","main",null,{"className":"flex flex-col","children":[["$","$L27",null,{"leftSlot":["$","$L22",null,{"href":"/posts/how-to-invalidate-a-jwt-using-a-blacklist/604603fc8458d42fc821d0cd","className":"inline-flex items-center gap-2 text-sm text-muted-foreground transition hover:text-foreground","children":[["$","i",null,{"className":"fa-regular fa-arrow-left text-sm","aria-hidden":"true"}],"Discussion"]}]}],["$","section",null,{"className":"mx-auto w-full max-w-2xl px-5 py-8 sm:px-8","children":[["$","div",null,{"className":"flex min-w-0 items-center gap-3 border-b border-border pb-5","children":[["$","span",null,{"className":"inline-flex shrink-0 items-center gap-1.5 rounded-md bg-muted px-2 py-1 text-sm font-medium text-muted-foreground","children":[["$","i",null,{"className":"fa-regular fa-comment text-sm","aria-hidden":"true"}],"Comment"]}],["$","$L22",null,{"href":"/posts/how-to-invalidate-a-jwt-using-a-blacklist/604603fc8458d42fc821d0cd","className":"inline-flex min-w-0 items-center gap-1.5 text-sm text-muted-foreground transition hover:text-foreground","children":[["$","span",null,{"className":"truncate","children":"How to invalidate a JWT using a blacklist"}],["$","i",null,{"className":"fa-regular fa-arrow-up-right shrink-0 text-sm","aria-hidden":"true"}]]}]]}],["$","div",null,{"className":"mt-5 rounded-xl border border-border p-5","children":["$","$L28",null,{"postId":"604603fc8458d42fc821d0cd","responseId":"6395781a9fa713176ab9dac3","hasReplies":false,"replyDefaultMentions":[{"id":"webJose","name":"José Pablo Ramírez Vargas","username":"webJose","photo":"https://cdn.hashnode.com/res/hashnode/image/upload/v1691519471595/SLwfekD6N.jpg?w=100&h=100&fit=crop&crop=faces&auto=compress,format&format=webp"}],"children":[["$","div",null,{"children":["$","$L29",null,{"type":"response","id":"6395781a9fa713176ab9dac3","contentHtml":"

Saving JWT's in any medium is a security risk. The blacklist method needs to be stopped.

The most straightforward example one can give:

Hacker gains access to your database.
Hacker reads all invalidated tokens in the blacklist.
Hacker clears the blacklist. Now all blacklisted tokens are back to Active and Good state.
Hacker does bad things with the stolen, previously-blacklisted-but-not-anymore, list of tokens.

\n","contentMarkdown":"Saving JWT's in any medium is a security risk. The blacklist method needs to be stopped.\n\nThe most straightforward example one can give:\n\n1. Hacker gains access to your database.\n2. Hacker reads all invalidated tokens in the blacklist.\n3. Hacker clears the blacklist. Now all blacklisted tokens are back to Active and Good state.\n4. Hacker does bad things with the stolen, previously-blacklisted-but-not-anymore, list of tokens.","isOwner":false,"canDelete":false,"permalink":"/posts/how-to-invalidate-a-jwt-using-a-blacklist/604603fc8458d42fc821d0cd/comment/6395781a9fa713176ab9dac3","header":["$","$L2a",null,{"username":"webJose","children":["$","$L22",null,{"href":"/@webJose","prefetch":false,"className":"flex min-w-0 items-center gap-2 transition hover:opacity-80","children":[["$","$L2b",null,{"className":"size-8 shrink-0","children":[["$","$L2c",null,{"src":"https://cdn.hashnode.com/res/hashnode/image/upload/v1691519471595/SLwfekD6N.jpg?w=100&h=100&fit=crop&crop=faces&auto=compress,format&format=webp","alt":"José Pablo Ramírez Vargas"}],["$","$L2d",null,{"className":"text-sm","children":"JP"}]]}],["$","div",null,{"className":"min-w-0","children":[["$","p",null,{"className":"truncate text-sm font-medium text-foreground","children":"José Pablo Ramírez Vargas"}],["$","p",null,{"className":"truncate text-xs text-muted-foreground","children":"Senior Software Developer @ Intel"}]]}]]}]}],"meta":["$","$L22",null,{"href":"/posts/how-to-invalidate-a-jwt-using-a-blacklist/604603fc8458d42fc821d0cd/comment/6395781a9fa713176ab9dac3","className":"text-sm text-muted-foreground transition hover:text-foreground","children":"$L2e"}],"children":"$L2f"}]}],null]}]}]]}]]}]

Search Hashnode