loading...

re: Build Email Verification from Scratch With Masonite Framework and JSON Web Tokens VIEW POST

FULL DISCUSSION
 

Don't use a single key for authentication and especially not your application-key. That should be secret at any time (hashed or not).
Just generate a random key for the user and salt it with the users email address or the timestamp. Needs an additional entry in your User model of course.

Code of Conduct Report abuse