modo::auth::jwt

Trait Revocation

pub trait Revocation: Send + Sync {
    // Required method
    fn is_revoked(
        &self,
        jti: &str,
    ) -> Pin<Box<dyn Future<Output = Result<bool>> + Send + '_>>;
}

Expand description

Optional trait for JWT token revocation checks.

Implement this against your storage backend (DB, Redis, LruCache, etc.). Register with JwtLayer::with_revocation() — the middleware skips the check when no backend is registered.

§Behavior

Only called when a revocation backend is registered AND the token has a jti claim.
Token without jti + registered backend: accepted without calling is_revoked.
Ok(true): token rejected with jwt:revoked.
Ok(false): token accepted.
Err(_): token rejected with jwt:revocation_check_failed (fail-closed).

Required Methods§

Source

fn is_revoked( &self, jti: &str, ) -> Pin<Box<dyn Future<Output = Result<bool>> + Send + '_>>

Returns Ok(true) if the token identified by jti has been revoked.

§Errors

Returning Err causes the middleware to reject the request with jwt:revocation_check_failed (fail-closed behavior).

Revocation

Trait Revocation Copy item path

§Behavior

Required Methods§

fn is_revoked( &self, jti: &str, ) -> Pin<Box<dyn Future<Output = Result<bool>> + Send + '_>>

§Errors

Implementors§

Trait Revocation