As the title says, I want to know what is the "best practice" or guideline to handle user sessions in Angular. Currently I work on a SPA where I use JWT tokens to handle the session. My token has an expiration date which indicates the beginning and the expiration of the validity of my token. But as far as my research goes, I get to assume that using JWT tokens to maintain a session is a bad practice. Any recommendations?
Thanks for the answers!
Top comments (1)
I can't personally think of a reason why using a JWT for a session would be objectively wrong.
JWT might be overkill a bit if you don't plan on sharing the session with another application or service, but I wouldn't consider it wrong.
Any encoded identifier that your application can use to determine who a "signed-in" user is should be fine. JWT falls in that group.
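The question describes a token that carries the beginning and the expiration of its validity. As an added example (not part of the original post or comment), here is how an SPA could read that window on the client, assuming the standard `nbf` and `exp` claims, which the post does not name. `sessionState`, `b64urlDecode`, `SAMPLE_TOKEN` and the 30-second skew are hypothetical names and values chosen for illustration.

```typescript
// Added example. Client-side reading of a JWT's validity window (nbf/exp).
// It only drives UI decisions such as redirecting to login; the server must
// still verify the signature and the claims on every request.
type SessionState = "valid" | "not-yet-valid" | "expired" | "malformed";

// Constructed sample: header {"alg":"HS256","typ":"JWT"}, payload
// {"nbf":1000,"exp":2000}, placeholder signature "sig" (never verified here).
const SAMPLE_TOKEN =
  "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjEwMDAsImV4cCI6MjAwMH0.sig";

// Decode a base64url segment without atob/Buffer so it runs in browser and Node.
// Assumption: the claims are ASCII JSON (true for numeric time claims).
function b64urlDecode(seg: string): string {
  const abc = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
  let acc = 0, bits = 0, out = "";
  for (let i = 0; i < seg.length; i++) {
    const v = abc.indexOf(seg.charAt(i));
    if (v < 0) throw new Error("invalid base64url character");
    acc = ((acc << 6) | v) & 0xfff; // keep only the bits still to be emitted
    bits += 6;
    if (bits >= 8) {
      bits -= 8;
      out += String.fromCharCode((acc >> bits) & 0xff);
    }
  }
  return out;
}

// nowSec: current time in seconds since the epoch; skewSec tolerates clock drift.
function sessionState(token: string, nowSec: number, skewSec = 30): SessionState {
  const parts = token.split(".");
  if (parts.length !== 3) return "malformed";
  let claims: { exp?: unknown; nbf?: unknown } | null;
  try {
    claims = JSON.parse(b64urlDecode(parts[1]));
  } catch {
    return "malformed";
  }
  if (claims === null || typeof claims !== "object") return "malformed";
  const exp = claims.exp;
  const nbf = claims.nbf;
  // A session token without a numeric exp would never end, so reject it.
  if (typeof exp !== "number") return "malformed";
  if (typeof nbf === "number" && nowSec + skewSec < nbf) return "not-yet-valid";
  if (nowSec - skewSec >= exp) return "expired";
  return "valid";
}
```

In an Angular app this would typically be called with `Math.floor(Date.now() / 1000)` from a route guard or HTTP interceptor before using the stored token.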