Closed nwartell closed 5 months ago
I'm using JWT wrong by storing the token in a session variable. This needs to be examined.
There are articles that warn against using JWT for session authentication and validation. Article 1 Article 2 Article 2 cont.
Might be best to just use sessions?
I'm using JWT wrong by storing the token in a session variable. This needs to be examined.
There are articles that warn against using JWT for session authentication and validation. Article 1 Article 2 Article 2 cont.
Might be best to just use sessions?