|
|
|
|
|
|
by Lazare
3032 days ago
|
|
|
> I’m using sessions/cookies for keeping state and keeping the user logged in Good. Sessions are the standard for a reason, and it's currently considered best practice. And if you've got a session ID, and your clients support cookies, then sure, use cookies for storing them. > will using JWT (with the token stored in the cookie) to keep the user logged in instead of sessions/cookies make my application more secure No. Probably less secure, although if you know what you're doing you can mitigate the issues. But certainly not more secure. |
|
|