Missing revoke method on JWT

Rule ID: javascript_express_jwt_not_revoked
Languages: javascript
Source: <a class="text-main dark:text-main-300 hover:underline" href="https://github.com/bearer/bearer-rules/blob/main/rules/javascript/express/jwt_not_revoked.yml">jwt_not_revoked.yml

Description

The best practice caching policy is to revoke JWTs especially when these contain senstitive information.

✅ Ensure JWTs are short-lived by revoking them

expressjwt({
  ...
  isRevoked: this.customRevokeCall(),
  ...
})

To skip this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --skip-rule=javascript_express_jwt_not_revoked

To run only this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --only-rule=javascript_express_jwt_not_revoked