Comments (2)
Pull requests with JWT sessions would be great. I appreciate it's a lot of work so seems unlikely, but even if it's only a partial implementation it would be something.
from nextjs-starter.
While appealing I think there are too many problems using only JWT tokens in practice, especially with oAuth.
For example because it doesn't store the RefreshToken server side, if the resets their local data or uses another browser or computer, then you can't get an updated AccessToken later if you want to make API calls - as APIs like Google+ only return a RefreshToken the first time a user signs in to a new service.
Storing things entirely client side in a JWT token (that is encrypted/decrypted on the server) is okay for some uses cases, but it's very limiting for many scenarios so I'm not going to worry about it now I have published the code for session management in next-auth and next-auth-client.
There is a case for using JWT tokens instead of having a session database (but still having a user database), but that's a slightly more specific use case that has some pitfalls of it's own - and the overhead of having a session database is low in most scenarios (especially as, in this example, it can just be a collection in the same database as the user data).
I'm going to close this issue. If it reopens at all it will probably be an enhancement to next-auth.
from nextjs-starter.
Related Issues (20)
- Upgrade the deployment settings to now v2 HOT 5
- Authentication.md HOT 1
- Adding CORS HOT 2
- Other CSS Framework
- Can i get res in next-auth.functions ?
- What do i need to pull data from a collection?
- TypeError: Cannot read property 'passport' of undefined on production build HOT 1
- Several dependencies need to be updated HOT 1
- Nodemailer needs to be updated HOT 1
- Update to next.js 9? HOT 3
- build:server & export:server commands are not working
- FullCalendar in Nextjs
- Cloning and installing packages is failing because package-lock.json is present
- npm install fails HOT 2
- Memory leak in app created from this boilerplate
- Sign in doesn't work - takes to page not found '_error' does not exist.
- Deployment to Now v2 HOT 2
- 📢 Plans for the future HOT 2
- npm install error - remove package-lock.json before running npm i HOT 1
- 🚨 This project is now archived
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nextjs-starter.