A different approach to User Sessions in Microservices
Too Long; Didn't Read
A different approach to User Sessions in Microservices has been proposed by Jonathon de Moraes. With JWT, users log in and then send their session data back to the server with every request. This poses a whole bunch of issues we didn't have before, and I'll try to describe some of them now. In the old days, session data was stored in the server's memory, indexed by a randomly generated hash with no meaning. In possession of the token, any attacker can try to decrypt it in order to access the data within it.
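The contrast above, as an added example that is not code from the original article: a signed token carries the session data to whoever holds it, while a server-side session hands out only a meaningless random id. The HS256 signing scheme, the `SessionStore` class and all sample values are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Optional

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_jwt(claims: dict, key: bytes) -> str:
    """Token model: the session data itself travels inside the token."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(sig)}"

def read_claims_without_key(token: str) -> dict:
    """Any holder can do this: a signed payload is encoded, not encrypted."""
    return json.loads(b64url_decode(token.split(".")[1]))

def verify_jwt(token: str, key: bytes) -> Optional[dict]:
    """Server side: trust the claims only if the HMAC matches.
    The algorithm is fixed here and never taken from the token header."""
    try:
        header, payload, sig = token.split(".")
        expected = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None
        return json.loads(b64url_decode(payload))
    except ValueError:  # wrong part count, bad base64 or bad JSON
        return None

class SessionStore:
    """Server-memory model: the client only ever sees a random id."""
    def __init__(self) -> None:
        self._sessions = {}

    def create(self, data: dict) -> str:
        sid = secrets.token_urlsafe(32)  # carries no information about the user
        self._sessions[sid] = dict(data)
        return sid

    def get(self, sid: str) -> Optional[dict]:
        return self._sessions.get(sid)
```

The signature stops a holder from changing the claims, but it does nothing to hide them, so anything placed in the payload should be treated as readable by whoever obtains the token.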