Nice article! Something about the discussion between session-based tokens is funny though: One could always use a "normal" JWT and add the application server session as a claim. (In fact, this is how our organization does it.)
Kudos for pointing to the problems with the local storage, and the cookie alternative. I came to the same conclusion after lots of research.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Nice article! Something about the discussion between session-based tokens is funny though: One could always use a "normal" JWT and add the application server session as a claim. (In fact, this is how our organization does it.)
Kudos for pointing to the problems with the local storage, and the cookie alternative. I came to the same conclusion after lots of research.