re: Which is the best practice for node user authentication and session handling? VIEW POST

TOP OF THREAD FULL DISCUSSION
re: My best advice would be to rely on native sessions, which are the most supported and compatible mechanism.
 

Thanks for the answer. I find hard to use native session. I think they will less secure as compared to the new packages.

 

The thing is, native sessions are hard to render unsecure, especially when rightfully configured.

JWT is recognized as unfit for authentication, and much harder to get right (especially with refresh mechanisms and token types).

code of conduct - report abuse