I think that both solutions have merits but are designed to work best for different scenarios.
JWTs really shine when you have a dedicated or 3rd party issuer like Google or GitHub or even your own solution that can issue a JWT that can be used with another application. The refreshing of the JWT can be managed by the issuer which would be directly talking to the frontend (think serverless).
Sessions on the other hand are really for when you are communicating with a single server (or a cluster using the same store) once you introduce external services or even micro services things start to get more complex or even impossible.
It's about using the right tool for the job and understand how those tools work.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I think that both solutions have merits but are designed to work best for different scenarios.
JWTs really shine when you have a dedicated or 3rd party issuer like Google or GitHub or even your own solution that can issue a JWT that can be used with another application. The refreshing of the JWT can be managed by the issuer which would be directly talking to the frontend (think serverless).
Sessions on the other hand are really for when you are communicating with a single server (or a cluster using the same store) once you introduce external services or even micro services things start to get more complex or even impossible.
It's about using the right tool for the job and understand how those tools work.