I'd put the JWT in a cookie and expand the middleware to check if there is one, too. The it works like a session, it's more secure (keyword: session hijacking)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I'd put the JWT in a cookie and expand the middleware to check if there is one, too. The it works like a session, it's more secure (keyword: session hijacking)