lukas/uis-cloud-computing
1
0
Fork 0
mirror of https://github.com/dat515-2025/Group-8.git synced 2026-03-22 06:57:47 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/33-frontend-looks-like-logged-in-even-after-token-expires' into 33-frontend-looks-like-logged-in-even-after-token-expires

Browse Source
This commit is contained in:
ribardej
2025-10-23 19:16:36 +02:00
parent b0cd7030d8 eb7b2290b8
commit e460f647b2
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
7project/backend/app/core/security.py
View File

@@ -3,7 +3,14 @@ import re
import jwt import jwt
from fastapi import Request from fastapi import Request
# Simple in-memory revocation store. In production, consider Redis or database. # Simple in-memory revocation store for revoked JWT tokens.
#
# Limitations:
# - All revoked tokens will be lost if the process restarts (data loss on restart).
# - Not suitable for multi-instance deployments: the revocation list is not shared between instances.
# A token revoked in one instance will not be recognized as revoked in others.
#
# For production, use a persistent and shared store (e.g., Redis or a database).
_REVOKED_TOKENS: set[str] = set() _REVOKED_TOKENS: set[str] = set()
# Bearer token regex # Bearer token regex