by ehutch79 1360 days ago
You're not wrong.

I replied to a sibling comment. What I do is use the JWT from OAuth or whatever SSO, verify it, and log the user in as normal. Using the JWT as a replacement for a username/password.

I can invalidate the session or block the user as normal.
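
The pattern described in the comment above, as an added example that is not part of the original comment: the JWT is verified once at login and exchanged for an ordinary server-side session, which can then be revoked or blocked independently of the token's expiry. The HS256 shared secret, the in-memory stores and all function names are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

SSO_KEY = b"constructed-demo-key"  # assumption: HS256 secret shared with the SSO
SESSIONS = {}                      # session id -> user, held server-side
BLOCKED = set()                    # users refused regardless of token validity

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def _b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def make_token(claims, key=SSO_KEY):
    # Stand-in for the SSO provider; produces constructed sample tokens.
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def verify_jwt(token):
    # Return the claims only if alg, signature and exp all check out.
    try:
        head, body, sig = token.split(".")
        want = hmac.new(SSO_KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()
        alg_ok = json.loads(_b64d(head)).get("alg") == "HS256"
        if not (alg_ok and hmac.compare_digest(want, _b64d(sig))):
            return None
        claims = json.loads(_b64d(body))
        if claims.get("exp", 0) <= time.time():
            return None
        return claims
    except (ValueError, TypeError, AttributeError):
        return None

def login_with_jwt(token):
    # The JWT plays the role of a password: checked once, then discarded.
    claims = verify_jwt(token)
    sub = claims.get("sub") if claims else None
    if not (isinstance(sub, str) and sub) or sub in BLOCKED:
        return None
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = sub
    return sid

def current_user(sid):
    user = SESSIONS.get(sid)
    return None if user in BLOCKED else user

def logout(sid):
    SESSIONS.pop(sid, None)  # takes effect at once, even if the JWT is unexpired
```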