Clearly this only works for an emergency case when you wanted all existing tokens to expire, for per token expiry one of the solutions above is required (such as short token expiry time or invalidating a stored key inside the token).This is primarily a long comment supporting and building on the answer by @mattway Given: Some of the other proposed solutions on this page advocate hitting the datastore on every request.When it comes to performance and reliability, no one can match Eagle Picher.What makes Eagle Picher different when it comes to lithium ion cells and batteries?It seems like such a mechanism would not exist in the token-based approach since the token itself would contain the info that would normally exist in the key-value store.
However, when you make updates to an asset, you may want those changes to take effect immediately.
If there ever was an emergency, or a user token was compromised, one thing you could do is allow the user to change an underlying user lookup ID with their login credentials.
This would render all associated tokens invalid, as the associated user would no longer be able to be found.
Rand Paul, Michele Bachmann and even Chris Christie made it official this week: We've had the Rat pack, the Brat Pack, and now, the Quack Pack -- the new GOP media elite, intent on waging a war on smart.
Like little kids in school hurling insults and seeing it gets them lots of attention, before they've learned the lessons of blowback, those most often quoted among the GOP are its biggest quacks -- waddling before the cameras, lining up to pimp out their idiocy and bigotry to the mass media.