|
|
|
|
|
|
by miguelmota
2319 days ago
|
|
|
I didn't say that they should "always" be used for authentication but that session IDs fulfills most web app user authentication needs. Most devs that implement JWT treat them as stateful which defeats the purpose of them. JWT has it's use cases when done correctly. |
|
|
I'm not sure you read the article because the points you are making were addressed.