Considerations for using JWT tokens - Part 2
To address this challenge, the tokens can be blacklisted or whitelisted; that is, a stateful JWT token can be implemented. But that again introduces server-side storage. This comes close to implementing the session itself, with added payload, since JWT tokens are usually larger than session IDs. JWTs being more sophisticated, the attack vectors that can be...