Hacker News
by user5994461 2315 days ago
It's all about trade-offs. If you want full session management, not everything can be decentralized. People often say that JWT can't handle sessions at all, so I am merely explaining that it actually can out-of-the-box and how to make it work.

Anyway, there is always a single point of failure somewhere. There's got to be something that authenticates users and creates tokens in the first place.