If I store a salt for each user in the DB, then we have to look up in the DB in every request, right?
How does this approach (storing random salt for each user) optimize instead of blacklisting or any other approach?
Another solution could be,
"your secret" + the salt. It would make any existing JWT tokens invalid immediately without the need of a blacklist.
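The proposal in the comments above (sign with "your secret" + a per-user salt) and the question about the per-request lookup, as an added example that is not part of the original thread: a stdlib-only HS256 sketch showing that rotating one user's salt invalidates that user's tokens and that verification reads the stored salt each time. `SERVER_SECRET`, `USER_SALTS` and `rotate_salt` are hypothetical names, the dict stands in for the users table, and `exp` handling is left out.

```python
import base64, hashlib, hmac, json, secrets

SERVER_SECRET = b"constructed-demo-secret"  # constructed value standing in for "your secret"
USER_SALTS = {}                             # hypothetical stand-in for the users table

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64u_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def rotate_salt(user_id: str) -> None:
    """Store a fresh random salt; tokens signed under the old one stop verifying."""
    USER_SALTS[user_id] = secrets.token_bytes(16)

def signing_key(user_id: str) -> bytes:
    # This read is the per-request lookup the question asks about.
    return SERVER_SECRET + USER_SALTS[user_id]

def issue(user_id: str) -> str:
    header = b64u(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64u(json.dumps({"sub": user_id}).encode())
    mac = hmac.new(signing_key(user_id), f"{header}.{payload}".encode(), hashlib.sha256)
    return f"{header}.{payload}.{b64u(mac.digest())}"

def verify(token: str):
    """Return the user id if the signature verifies under the current salt, else None."""
    try:
        header, payload, sig = token.split(".")
        if json.loads(b64u_decode(header)).get("alg") != "HS256":
            return None
        # 'sub' is read first only to select the key; it is trusted only
        # once the MAC check below has passed.
        user_id = json.loads(b64u_decode(payload))["sub"]
        mac = hmac.new(signing_key(user_id), f"{header}.{payload}".encode(), hashlib.sha256)
        ok = hmac.compare_digest(mac.digest(), b64u_decode(sig))
    except (ValueError, KeyError, TypeError, AttributeError):
        return None
    return user_id if ok else None

if __name__ == "__main__":
    rotate_salt("alice"); rotate_salt("bob")
    old_alice, bob = issue("alice"), issue("bob")
    print(verify(old_alice), verify(bob))   # both verify
    rotate_salt("alice")                    # e.g. on logout or password change
    print(verify(old_alice), verify(bob))   # alice's old token fails, bob's still verifies
```
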