Open Kevinwochan opened 4 years ago
Using a JWT with a known user. A attacker could brute force the secret key to hijack active JWTs.
Solution
Maybe use https://github.com/paragonie/paseto/blob/master/README.md
Using a JWT with a known user. A attacker could brute force the secret key to hijack active JWTs.