My dumbass colleague thinks the best idea to a Restful API backend is to store some kind of session based on the token.

It'd be great if that remained as an idea instead of this 11 month-old system he built before I got in.


Yes, it does mean that if the server boots for whatever reason, everyone has to login again to get a valid token LOL

  • 2
    @Artemix Don't want to be rude here. But do you you get it what the main point of restful apis using jwtokens is?
  • 0
  • 3
    This was the standard years ago.

    Lots of developers don't know what JWT is.

    I share the sentiment, but you shouldn't be an asshole about it. Some people simply don't know. You should explain it to them.
  • 0
    I am by no means an expert here but I have read that both have their merits and demerits. For a simple service, sessions could also be a way to go
  • 0
    @Artemix that's why you'd use validators. You can't blindly accept a token just because.
    Rest APIs shouldn't keep any kind of session
  • 0
    One of my teachers recommend this method for my android app
Your Job Suck?
Get a Better Job
Add Comment