Y
Hacker News
new
|
ask
|
show
|
jobs
by
nine_k
2734 days ago
JWT in particular uses cryptography to encode a timestamp and some other parameters. This way, you can check if it's valid by just decrypting it, without hitting a DB.
Not all bearer tokens have this property.