by TheAceOfHearts 3265 days ago
Most web frameworks I'm familiar with have a concept of middleware, where you can perform any authentication checks before yielding.

Having read a bit into the topic, I'd +1 avoiding JWT. Getting authentication "right" is difficult. I think most applications should default to using stateful authentication. By the time you actually need stateless authentication "to scale", you'll hopefully have enough experts on board to help you understand the tradeoffs.
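
An added example, not part of the comment above: a minimal WSGI middleware that does the stateful check the comment describes, looking up an opaque session ID in a server-side table before yielding to the wrapped app. The class names, the `sid` cookie name, the `example.user` environ key and the TTL are assumptions made for this sketch.

```python
import secrets
import time
from http.cookies import SimpleCookie

class SessionStore:
    """Server-side session table; the cookie carries only an opaque random ID."""
    def __init__(self, ttl=3600):  # ttl is a constructed value for the example
        self._sessions, self._ttl = {}, ttl

    def create(self, user):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = (user, time.time() + self._ttl)
        return sid

    def lookup(self, sid):
        user, expires = self._sessions.get(sid, (None, 0))
        if user is None or expires < time.time():
            self._sessions.pop(sid, None)  # drop expired entries
            return None
        return user

    def revoke(self, sid):
        self._sessions.pop(sid, None)  # logout / forced invalidation

class RequireSession:
    """WSGI middleware: run the auth check first, then yield to the app."""
    def __init__(self, app, store):
        self.app, self.store = app, store

    def __call__(self, environ, start_response):
        cookie = SimpleCookie(environ.get("HTTP_COOKIE", ""))
        sid = cookie["sid"].value if "sid" in cookie else ""
        user = self.store.lookup(sid)
        if user is None:
            start_response("401 Unauthorized", [("Content-Type", "text/plain")])
            return [b"authentication required\n"]
        environ["example.user"] = user  # hypothetical key the app reads
        return self.app(environ, start_response)

def protected_app(environ, start_response):
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [("hello " + environ["example.user"] + "\n").encode()]

def call(app, cookie_header=""):
    """Drive a WSGI app once; return (status, body)."""
    seen = {}
    body = app({"HTTP_COOKIE": cookie_header},
               lambda status, headers: seen.update(status=status))
    return seen["status"], b"".join(body)
```

Because the session lives in the server's table, `revoke()` takes effect on the very next request, which is the property a self-contained signed token gives up unless a revocation list is added back.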