Hacker News new | past | comments | ask | show | jobs | submit login

The equivalent of ActiveSupport::MessageEncryptor. Virtually every platform has something. Go has crypto/cipher.AEAD. Python has fernet. Most platforms have access to Nacl's "secretbox". All of these things are simpler, safer, and just as effective as JWT.



And even that presumes you want to actually encrypt data to the client: many (most) JWT users are just signing tokens, which makes an alternative to JWTs even simpler.

token = data:expiry:hmac(key, data+expiry) is super simple in most languages, is robust, and nacl provides useful helpers for doing this as well.




Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: