I am creating a token authentication system for a mobile backend with Rails. I understand that there is development, but our auth path looks different, so I create it from scratch.
Just curious when the user logs out. What should happen with the token at the end of Mobile and Server.
- Should I remove the token at the end of the mobile phone?
- Should I remove the token on the server? And a new one will be created when this user logs in again.
Thank!
source
share