client side
when token is stolen, delete the token from database.
Client side is not expired => so send request to sever
But sever return 401 unauthorized http
when client receive 401 unauthorized response, change root to /login
Last updated
when token is stolen, delete the token from database.
Client side is not expired => so send request to sever
But sever return 401 unauthorized http
when client receive 401 unauthorized response, change root to /login
Last updated