A Guardian extension that tracks JWT tokens in a database to enable immediate revocation and prevent replay attacks.
Guardian.DB is an Elixir library that extends the Guardian authentication framework by persisting JWT tokens in a database or ETS storage. It adds a stateful layer to Guardian's stateless JWT approach, enabling immediate token revocation and preventing unauthorized replay after logout. This ensures tokens can be centrally managed and invalidated in real time.
It is aimed at Elixir developers using the Guardian framework for JWT-based authentication who require immediate token revocation capabilities, such as in applications with strict security needs or compliance requirements.
Developers choose Guardian.DB over plain Guardian when they need the flexibility of JWTs combined with the control of stateful sessions, allowing instant token invalidation. Its unique selling point is bridging the gap between stateless JWT scalability and the security of database-backed token tracking, with support for multiple adapters like Ecto and ETS.
Guardian DB integration for tracking tokens and ensuring logout cannot be replayed.