|
|
|
|
|
|
by user5994461
2315 days ago
|
|
|
JWT works well. Securing API is one of its main use cases. That being said. Please do NOT use basic auth for anything in 2020. This is the worst anti-pattern one could do for authentication. Basic auth simply transmits the username and passwords in clear text with every request. No application should be receiving username and password in clear text besides a single auth service. The passwords will get leaked all over the place between developers debugging, verbose logs, exceptions, etc... And unlike tokens that are meaningless and expire, textual passwords last forever and are extensively re-used by user across websites. |
|
|