I like it. I'm not sure that "short token" is the right term for that - perhaps "token id". Also the only occurrence of "it's" in the README should be "its": https://brians.wsu.edu/2016/05/19/its-its/
Edit: Actually, the short token is more than just a token ID - it's also required, right? Perhaps replace:
When we receive an incoming request, we search our database for hash(long_token)
with:
When we receive an incoming request, we search our database for hash(long_token) and short_token. A token can be blocklisted by its short_token.
So I think I prefer "short token" to "token id" but perhaps there is a better name for it. If it did get renamed it would probably make sense to rename "long token" as well. I'll defer to experts on this.
My suggestion was blocklist which looks a lot like blacklist because only one letter is different. Perhaps "deny list" would be better. It's what Apple is using. https://developer.apple.com/news/?id=1o9zxsxl
Edit: Actually, the short token is more than just a token ID - it's also required, right? Perhaps replace:
with: So I think I prefer "short token" to "token id" but perhaps there is a better name for it. If it did get renamed it would probably make sense to rename "long token" as well. I'll defer to experts on this.