TTC
Theo's Typesafe Cult17mo ago
cement

NextAuth session storage

I'm a bit confused reading the NextAuth documentation (probably because my knowledge of security is not very good). Well, it says that NexAuth by default stores sessions in JWT (which is probably safer than cookies), but when we add an adapter to the database (I added it), it starts storing them in a server side cookie. I'm wondering whether to do a custom config now to store the session back in JWT. Are server side cookies enough? By the way, how do you store the fact that a user is logged in? Just the sessionid from useSession and passing that to the context?
2 Replies
barry
barry17mo ago
JWT is the opposite of secure
cement
cement17mo ago
heck, I see a different opinion from each side :(, thanks
Want results from more Discord servers?
Add your server
More Posts
Where do you go for UI inspiration/problem-solving?Do you look at UI component libraries for collections of interfaces? Do you keep a lookbook/swipe fiUsing clientside only library with nextjs (t3)I have been working on a rebuild of an ancients system that we use in nextjs (t3 all in with ts) hoZod in commercial projects (work)Do you use Zod in your projects at work? A new one is starting for me, but we are holding back witReact rendering on different viewportI'm currently making a custom Navbar with drop-downs, with should behave differently depending on a Question: Working with prisma JSON typesI've had this "thing" with prisma + TS after switching to it for a while so I was wondering how are api calls don't work in vercelI'm trying to call my NextJS API: If I try to write `const res = await fetch("/api/commands");` I ge