Question: session management strategies JWT vs database

atinux / nuxt-auth-utils

Add Authentication to Nuxt applications with secured & sealed cookies sessions.

MIT License

962 stars 90 forks source link

Question: session management strategies JWT vs database #164

Closed peterbud closed 2 months ago

peterbud commented 2 months ago

Is there an example / minimal pattern to implement session management with nuxt-auth-utils and to store the user / session in a database and not in the JWT? All the examples with nuxt-auth-utils I have found so far were using JWT to store the user and the session in the cookie. I guess one needs to use the existing hooks, however as this is such a common pattern, I was wondering how much support for this exist.

Or is this considered out of the scope of the project?

Barbapapazes commented 2 months ago

Hey 👋,

implement session management with nuxt-auth-utils and to store the user / session in a database

Actually, no but I'm working on something like this. The issue is that the way Nitro handle session makes things very difficult to do because it (Nitro) considers that sessions must be cookie based. A driver system (like unstorage) is needed to simplify.