DEV Community

Discussion on: OAuth Like a BOSS

simo

Hi @Gregory, I'm glad you like the article.

Cookies are being used only as a mechanism to execute the OAuth flow successfully. It's a built-in feature in browsers and it's a well-understood concept. Depending on the cookie configuration you set on your end, you can expire the session after you receive the access tokens.

As for JWT tokens, once you receive back the credentials from the OAuth flow, you can generate a JWT and return that to the user.