|
|
|
|
|
|
by bzbz
917 days ago
|
|
|
So sign your UUIDs and combine them into “$UUID:$HASH” strings for the same benefit. Or a more structured JWT-like payload that still verifies auth against the DB (as opposed to carrying authorization within the token). No need to reinvision the rest of the auth flow if you just want to add hashing to reduce DB load. |
|
|