JWTs are designed for Google/Facebook scale environments and have tradeoffs that may not be necessary for smaller applications that need to hit the database on each request. Using a normal session mechanism and storing the session data in the database may be a better choice.
Sort: