this post was submitted on 10 Jul 2023
46 points (96.0% liked)
lemmy.ml meta
1406 readers
1 users here now
Anything about the lemmy.ml instance and its moderation.
For discussion about the Lemmy software project, go to [email protected].
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The servers should theoretically have a way to murder the tokens, but I'm not sure how Lemmy has implemented authentication so I don't know for sure.
Looks like you're right, admins will just need to update the JWT secret.
That makes sense. Of course, updating the secret will log everyone out, but that's a small price to pay to fix an admin breach.