How to destroy JWT Tokens on logout?

Question

I am using jwt plugin and strategy in hapijs.

I am able to create jwt token while login user and authenticate other API using the same token through \'jwt\' strategy

Answer 1

You can add "issue time" to token and maintain "last logout time" for each user on the server. When you check token validity, also check "issue time" be after "last logout time".