should i store otp in session or database?

I regularly use database though During the nextauth signing process i check if the user has a otp first on the db then check if it has expired if expired send new one and delete old otp Else send the old otp that hasn't expired
1 Reply
Lopen
LopenOP3y ago
Just wanted to know if this is good practice and it's stored regularly should i hash it? And should i use database or session to store the otp?
Want results from more Discord servers?
Add your server