Monthly Archives: June 2022

JSON Web Tokens (JWTs) are not safe

In this book, we go into JWTs, their perceived benefits, and actual dangers. We’ll also discuss battle-tested solutions to replace them. We’ll explore:

  • HTTP Sessions, Authentication, and Authorization
  • The need for something like JWT
  • JWTs’ perceived benefits and actual dangers 
  • JWT workarounds and the complexities around that
  • Using Redis for session storage instead of JWTs
  • Sessions storage when Redis is used as a Primary DB 
  • Finally, you’ll also learn how to use Redis + JWT! Another common approach to managing user session

Article link