Carlos Saraiva
Security regarding JWT .NET 8
Hi everyone, I'm working on authentication and I want to make a "remember me" feature making the JWT valid for 30 days. But if this token is shared I'll have two people using the same account right? How can I make it more safe? refresh token? or should I save the users token and IP in the database and any other IP using that token is not valid?
I'm just wondering what is the safer approach when it comes to authentication and authorization, if anyone knows any playlist to watch or blogs to read regarding this subject so I can learn more about it and make my work better, I would like it very much, thanks!
37 replies