You can enable token storage in cbsecurity via the tokenStorage setting. By default it is enabled and leverages CacheBox's default cache using a key prefix of cbjwt_ + the token's unique identifier claim of jti.
We recommend that you create a separate provider for the cache.
Storing keys is useful for visualizing all the registered keys in the system from within your application. It also lets you invalidate keys: by default, if the token does not exist in the storage, it is considered invalid.
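The following added example is a language-neutral Python model of that behaviour, not cbsecurity's own code: a token whose signature and expiration are still good is rejected once its cbjwt_ + jti entry is removed from storage. The dictionary standing in for a storage driver, the function names, the secret and the sample claims are all constructed for illustration.

```python
import base64, hashlib, hmac, json

KEY_PREFIX = "cbjwt_"                 # default key prefix named above
SECRET = b"constructed-demo-secret"   # constructed value for this example

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(head, body):
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def issue(claims, storage):
    """Sign an HS256 token and register it in storage under prefix + jti."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    storage[KEY_PREFIX + claims["jti"]] = {"sub": claims["sub"], "exp": claims["exp"]}
    return f"{head}.{body}.{b64e(mac(head, body))}"

def validate(token, storage, now):
    """Return a verdict; a token that is missing from storage is invalid."""
    try:
        head, body, sig = token.split(".")
        if not hmac.compare_digest(mac(head, body), b64d(sig)):
            return "bad-signature"
        claims = json.loads(b64d(body))
        if claims["exp"] <= now:
            return "expired"
        if KEY_PREFIX + claims["jti"] not in storage:
            return "not-in-storage"
    except (ValueError, KeyError, TypeError):
        return "malformed"
    return "valid"

def demo():
    now = 1_700_000_000                  # constructed clock value
    storage = {}                         # hypothetical in-memory stand-in for a driver
    token = issue({"sub": "user-42", "jti": "a1b2c3", "exp": now + 3600}, storage)
    before = validate(token, storage, now)
    del storage[KEY_PREFIX + "a1b2c3"]   # server-side invalidation of this one token
    after = validate(token, storage, now)
    return before, after

if __name__ == "__main__":
    print(demo())
```
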
You can retrieve the token storage by injection or the helper method:
We ship with two drivers:
cachebox : Leverages any cache registered in CacheBox
db : Leverages a database table to store the keys
cacheName : The cache to use
table : The table to use for storage
schema : A schema to use if the database supports it, else empty
dns : The datasource to use, defaults to the one set in Application.cfc
autoCreate:true : Autocreate the table if not found
rotationDays:7 : How many days should the expiration be before removal
rotationFrequency:60 : How many minutes should pass before issuing a rotation check
The columns it will create are:
id - identifier
cacheKey - The unique cache key, indexed
token - The encrypted token
expiration - The expiration
issued - The issue date
subject - The subject identifier
If you would like to create your own token storage, just add your own WireBox ID to the driver, properties and implement the following interface: cbsecurity.interfaces.jwt.IJwtStorage