pauldijou / jwt-client

Micro service to read, write and save JWT headers
Apache License 2.0

Write and read methods #5

Closed simon-p-r closed 8 years ago

simon-p-r commented 8 years ago

Hello

The write and read methods don't appear to be secure, as they don't sign or verify the JWT with either a secret string or a private/public PEM key. What is the purpose of this module?

pauldijou commented 8 years ago

There is another method to verify the token. But security is a server-side problem; this module is mostly there to store the token client-side and help you send it back. Your user will be able to freely change it anyway, whatever lib you are using.
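The split discussed in this thread, as an added example that is not part of the issue and not jwt-client's own code: a client-side read only decodes the payload, so an edited token still reads cleanly, while the server-side HS256 check rejects it. The helper names, secret and claims are constructed for illustration, and Node.js with its built-in `crypto` module is assumed.

```javascript
// Added example: hypothetical helper names; secret and claims are constructed.
const crypto = require("node:crypto");

const b64url = (buf) => Buffer.from(buf).toString("base64")
  .replace(/=+$/, "").replace(/\+/g, "-").replace(/\//g, "_");
const fromB64url = (s) => Buffer.from(s.replace(/-/g, "+").replace(/_/g, "/"), "base64");
const hmac = (data, secret) => crypto.createHmac("sha256", secret).update(data).digest();

// Server side: issue an HS256 token with a secret that never leaves the server.
function signHS256(claims, secret) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(claims));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Client side: reading only decodes; nothing here proves authenticity.
function readUnverified(token) {
  const [, body] = token.split(".");
  return JSON.parse(fromB64url(body).toString("utf8"));
}

// Server side: pin the algorithm, recompute the MAC, compare in constant time.
function verifyHS256(token, secret) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    const header = JSON.parse(fromB64url(head).toString("utf8"));
    if (header?.alg !== "HS256") return null; // never trust the token's own alg
    const expected = hmac(`${head}.${body}`, secret);
    const given = fromB64url(sig);
    if (given.length !== expected.length) return null;
    if (!crypto.timingSafeEqual(given, expected)) return null;
    return JSON.parse(fromB64url(body).toString("utf8"));
  } catch {
    return null; // malformed header or payload JSON
  }
}

// Simulates a user editing the stored token in their own browser.
function tamper(token, newClaims) {
  const [head, , sig] = token.split(".");
  return `${head}.${b64url(JSON.stringify(newClaims))}.${sig}`;
}

const SECRET = "constructed-demo-secret";
const token = signHS256({ sub: "alice", role: "user" }, SECRET);
const forged = tamper(token, { sub: "alice", role: "admin" });
console.log(readUnverified(forged).role, verifyHS256(forged, SECRET), verifyHS256(token, SECRET));
```

Claims obtained from an unverified read are suitable for display logic only; authorization decisions belong after the server-side check.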