should i store otp in session or database?
I regularly use database though
During the nextauth signing process i check if the user has a otp first on the db then check if it has expired if expired send new one and delete old otp
Else send the old otp that hasn't expired
1 Reply
Just wanted to know if this is good practice and it's stored regularly should i hash it?
And should i use database or session to store the otp?