How to destroy JWT Tokens on logout?

Question

I am using jwt plugin and strategy in hapijs.

I am able to create jwt token while login user and authenticate other API using the same token through \'jwt\' strategy

Answer 1

The JWT is stored on browser, so remove the token deleting the cookie at client side

If you need also to invalidate the token from server side before its expiration time, for example account deleted/blocked/suspended, password changed, permissions changed, user logged out by admin, take a look at Invalidating JSON Web Tokens for some commons techniques like creating a blacklist or rotating tokens