Only use JWT's as short-lived one-time tokens. For everything else, use session cookies. If you need to make a database lookup to validate the JWT then the purpose of them is defeated.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Only use JWT's as short-lived one-time tokens. For everything else, use session cookies. If you need to make a database lookup to validate the JWT then the purpose of them is defeated.