NextAuth is hands down the best authentication solution for Next.js.
I've been using it for over a year now and one of the challenges I've faced is...
Thanks for this, saved me a lot of time! :-)
Good approach, Nick! What do you recommend to persist some sensitive data like fullName, email, id in the session?
Hi Roger, thank you for the comment!
As I emphasized in the Conclusion of the article, sensitive data - such as passwords and API keys - should NEVER be stored in a session, not even in the token. It's important to store such data in a secure database and encrypt it to protect the user's privacy.
On the other hand, it is generally considered safe to store non-sensitive data such as the user's full name, email, and ID in a session as they don't pose a risk to the user's privacy.