Essentially the only reason it needs to check into a database on every request is to validate a per user integer, allowing for backend cookie invalidation per user
Without, signed jwt’s arent able to be invalidated per user
JWT’s are not encrypted, JWE’s are:
https://stackoverflow.com/questions/454048/what-is-the-difference-between-encrypting-and-signing-in-asymmetric-encryption#454069
Use the word encrypted for a jwt miss informs newcomers
lil5 :golang: 🌱 /
npub13m…6tkv8
2024-10-03 06:44:11
in reply to nevent1q…nrm6
Author Public Key
npub13mf5xspvn2elj6cnmvc6x4r3fv53ecpgysjlgjwkuq7f7mxwfuxqv6tkv8Published at
2024-10-03 06:44:11Event JSON
{
"id": "ec023090c9742bea46cd484d7c5718f9c9d547a911cf304020fde3badd355c03",
"pubkey": "8ed343402c9ab3f96b13db31a354714b291ce0282425f449d6e03c9f6cce4f0c",
"created_at": 1727937851,
"kind": 1,
"tags": [
[
"proxy",
"https://fosstodon.org/@lil5/113242135041123724",
"web"
],
[
"e",
"841c38cb5fb294f2c254095b57e770e17f84d6a540a822d17009c46f2fbdbb54",
"",
"reply",
"47f29a047d4bcb17b6e986ab9149f2b96f808f83657f15d313147401d46b3ca5"
],
[
"p",
"8ed343402c9ab3f96b13db31a354714b291ce0282425f449d6e03c9f6cce4f0c"
],
[
"e",
"bea5cb98f38a132787ac39e6a99fc079455a7c97dad1468b58cdafd9ea043220",
"",
"root",
"8ed343402c9ab3f96b13db31a354714b291ce0282425f449d6e03c9f6cce4f0c"
],
[
"p",
"47f29a047d4bcb17b6e986ab9149f2b96f808f83657f15d313147401d46b3ca5"
],
[
"proxy",
"https://fosstodon.org/users/lil5/statuses/113242135041123724",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://fosstodon.org/users/lil5/statuses/113242135041123724",
"pink.momostr"
],
[
"-"
]
],
"content": "Essentially the only reason it needs to check into a database on every request is to validate a per user integer, allowing for backend cookie invalidation per user\n\nWithout, signed jwt’s arent able to be invalidated per user\n\nJWT’s are not encrypted, JWE’s are:\nhttps://stackoverflow.com/questions/454048/what-is-the-difference-between-encrypting-and-signing-in-asymmetric-encryption#454069\nUse the word encrypted for a jwt miss informs newcomers",
"sig": "8890dff97b667c3c0837983979b6330ef575268a926f89e83777ff83c77f240b837575b1ef0ff7005bdfea7bd43f9789497e75871cb9483de53b1d4af3159973"
}