You send your session id or token, if it's JWT token it can be decrypt any why... the only information you usually store is your user id, client id, user role - this info means nothing but you get a extra security layer that helps you mitigate this vulnerability
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
You send your session id or token, if it's JWT token it can be decrypt any why... the only information you usually store is your user id, client id, user role - this info means nothing but you get a extra security layer that helps you mitigate this vulnerability