Closed nbitzz closed 1 month ago
Should we consider this for the "like really fucking easy" label
What the fuck since when did we have that
What the fuck since when did we have that
Since like 30 minutes ago
@Jack5079 is it even worth it to use JWTs?
We need to store the signing key... somewhere, and we still need to store all of the data in the JWT on the server if we want to do session management.
The only benefit I can think of: not needing to make an extra request to some new endpoint to check your token's scopes. Worth it? Probably
I have no fucking idea
How much data do we even store in the JWT? We probably don't want to make it a Fat Fuck but I don't know Just accountID, token type and scopes?
Solved in #70
We. don't use jwts. and we probably should