问题
I have JWT already stored in the user's browser's local storage. I have set the JWT's expiration date to be on in 7 days using nodejs/express.
Will the browser detect the expiration date and automatically remove it from the local storage? or will my server have to check the JWT and remove the expired JWT from the user's browser's local storage?
回答1:
Local storage does not have an auto-expiring feature so the browser will not remove the JWT from local storage. It will be up to you or a library to inspect if a JWT has expired and remove it. There is no harm in leaving an expired JWT in local storage as once it has expired no one can use it.
来源:https://stackoverflow.com/questions/47318233/when-jwt-expires-will-the-jwt-stored-in-local-storage-be-removed-automatically