Hacker News
- Stop Using JWT for Sessions (2016) http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 6 comments
- Stop using JWT for sessions (2016) http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 245 comments
- Stop using JWT for sessions http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 3 comments
Lobsters
- Stop using JWT for sessions http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 5 comments security
- Why you should not use JWT for authentication, along with Flask implementation of session cookies https://blog.muhib.me/why-you-should-not-use-jwt-for-authentication 5 comments python
- Using JWT For Sessions https://techblog.bozho.net/using-jwt-sessions/ 4 comments programming
- Stop using JWT for sessions http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 156 comments programming
- Stop using JWT for sessions http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 98 comments node
- Stop using JWT for sessions http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 76 comments programming
- Stop using JWT for sessions http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 23 comments node
- Review: Stop Using JWT for Sessions https://www.ducktypelabs.com/review-stop-using-jwt-for-sessions/ 3 comments node
- Although JSON Web Tokens have become incredibly popular, its use for authenticating users sessions is controversial. Here's an attempt to demonstrate the pros and cons of using JWT for this context. https://supertokens.io/blog/are-you-using-jwts-for-user-sessions-in-the-correct-way?utm_source=reddit 29 comments javascript
- Are there any popular websites that exclusively use JWT with the HTTP Authorization header or as query parameter for session management instead of using cookies? http://cryto.net/~joepie91/blog/2016/06/13/stop-using-jwt-for-sessions/ 7 comments webdev
- jeff - A module for simple, flexible and secure web session management with pluggable backends that doesn't use JWT. https://github.com/abraithwaite/jeff 3 comments golang