Add token invalidation slides

publish.txt

@@ -14,4 +14,6 @@ slides/solutions.html
 slides/architecture.html
 slides/ror-auth.html
 slides/nginx-auth-request.html
+slides/what-we-have-worked-on.html
+slides/token-invalidation.html
 slides/demo.html

slides/token-invalidation.html

@@ -0,0 +1,9 @@
+<section><header>How We Plan To Do Device Management</header></section>
+
+<ul>
+  <li>Store Device ID's (not tokens)</li>
+  <li>Associate names with device ID's so that users can identify them</li>
+  <li>Attach Device ID as JWT Claim</li>
+  <li>When authenticating: check device ID</li>
+  <li>Distribute invalidated device ID's to other microservices</li>
+</ul>

slides/what-we-have-worked-on.html

@@ -1,8 +1,8 @@
-<header>Our main goal for sprint 4</header>
+<header>Goals for sprint 4</header>
 
 <ul>
   <li>Make existing functionality production ready</li>
   <li>Add Logout functionality</li>
-  <li>Architecture design for token invalidation</li>
+  <li>Architecture design for token invalidation and device management</li>
   <li>Research into CRLITE</li>
 </ul>