Saturday, 10 June 2017

How safe is it to store user access level and email in Json Web Tokens

Would it be safe to store the user access level/admin level and email which determines what data they can retrieve in a properly encrypted JWT ? or should I store the token in the database verify the token on each request and look up data that way?



via Dev-Mev

No comments:

Post a Comment