DEV Community

Discussion on: JSON web tokens are NOT meant for authenticating the same user repeatedly: Use session tokens instead

lewiscowles1986 profile image
Lewis Cowles

This is a great write-up.

One criticism / suggestion Re:

Performance suffers consequently, as retrieving data from a database always takes some time

Caching and event-bus are your friends here. Worst case, you'll still be correct, but at scale peak performance has to be a network request anyway, since commodity hardware struggles to presently be able to address hundreds of gigabytes of user data in a short time, resiliently, etc.