JWTs Aren't Stupid, but Your Monolith Might Be
When the schedule came out for CodeMash 2018, I knew I wanted to attend Randall Degges’s talk “JWTs Suck (and are stupid)”. As a developer in a shop that uses JWTs for user session tokens, I have to admit it stoked my impostor syndrome. But it’s always best to learn about flaws in your design as early as you can. So on Friday at 9:45, I sat down and got ready to take a beating.