Your API Still Works After Logout 😳 Why?
You clicked logout... but the API still accepts the old token.
Why?
In many systems, logout only clears the token from the browser. The backend still trusts that token until it expires. This is especially common in stateless JWT-based authentication flows where the server does not track session state.
In this short, I explain:
why logout often fails to immediately end access, why expiration is not the same as revocation, and how to fix it using short-lived access tokens, refresh token rotation, session stores, token versioning, and denylist-based revocation.
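The gap described above, with two of the listed fixes (denylist-based revocation and token versioning), as an added example that is not code from the video or the channel. It uses only the Python standard library; the signing key, the function names and the `ver` claim are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"demo-signing-key"  # constructed key for this example only
DENYLIST = {}       # jti -> exp; an entry can be purged once exp has passed
TOKEN_VERSION = {}  # user -> current version ("ver" is a hypothetical claim name)

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
def _sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue(user, jti, ttl=300):
    claims = {"sub": user, "jti": jti, "exp": int(time.time()) + ttl,
              "ver": TOKEN_VERSION.setdefault(user, 1)}
    head = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = head + "." + _b64(json.dumps(claims).encode())
    return signing_input + "." + _b64(_sign(signing_input))

def verify_stateless(token, now=None):
    """Signature and expiry only: all a purely stateless backend checks."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        if json.loads(_unb64(head)).get("alg") != "HS256":
            return None
        if not hmac.compare_digest(_sign(head + "." + body), _unb64(sig)):
            return None
        claims = json.loads(_unb64(body))
    except (ValueError, AttributeError):  # malformed token
        return None
    return claims if claims.get("exp", 0) > now else None

def verify_with_revocation(token, now=None):  # adds the server-side state
    claims = verify_stateless(token, now)
    if claims is None or claims.get("jti") in DENYLIST:
        return None  # bad token, or this token was logged out
    if claims.get("ver") != TOKEN_VERSION.get(claims.get("sub")):
        return None  # user's token version was bumped after issuance
    return claims

def logout(token):  # revoke one token until it would expire anyway
    claims = verify_stateless(token)
    if claims:
        DENYLIST[claims["jti"]] = claims["exp"]

def logout_everywhere(user):  # revoke every token issued to the user so far
    TOKEN_VERSION[user] = TOKEN_VERSION.get(user, 1) + 1
```

After `logout(token)`, `verify_stateless` still accepts the token until `exp`, while `verify_with_revocation` rejects it immediately.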
If you're learning backend development, API security, Spring Boot, Java, authentication, or system design, this is a real-world auth issue you need to understand.
Follow for more real backend and security tips.
👋🏻 Connect with me:
GitHub: https://github.com/JavaaTechSolutions
LinkedIn: https://www.linkedin.com/in/javatech-solutions-b44b352b7
🎟 Join this channel to get access to perks: https://www.youtube.com/channel/UCm82_YpE8-MPvB-uLkoWZxA/join
🎉 Thanks for watching the video! Don't forget to like, subscribe, and hit the notification bell to stay updated with our programming tutorials. Happy coding! 💻👩⚕️👨⚕️
SUBSCRIBE TO MY CHANNEL: http://bit.ly/3ZlFSLT ❤️
Video "Your API Still Works After Logout 😳 Why?" from the Java Tech Solutions channel
Video information
May 10, 2026, 14:36:25
00:02:00