|
|
|
|
|
|
by legulere
106 days ago
|
|
|
Much simpler: just store session ids in Redis. I skimmed over the previous articles in this blog and they don't seem to mention the one use case JWTs were made for: having a separate authentication server from the application server. Most developers will only need this for integrating into corporations with single sign in or social logins (sign in with Facebook/google/apple...). There you won't write the authentication server but integrate with them. Session Ids are dead simple to get right securely. Just use them. |
|
|