1 point | by aymrick 7 hours ago
3 comments
After building several SaaS admin dashboards, I found JWT to be limiting for security and team management. I built AdminCraft V2, a React admin frontend + secure Node.js backend using HttpOnly cookies.
Frontend is public: https://github.com/Aymrick97/admincore-frontend-v2
Premium backend with auth, roles, Stripe & team management: https://gumroad.com/l/admincraft-backend-v2
What limits did you run into with JWT?
JWT is a data token format, HTTPOnly is a flag on cookie data. You can flag your JWT cookie with HTTPOnly. It's not an either-or.
Could you expand on what prompted your move from the JWT standard to whatever you chose?
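The point raised in the comments above, that a JWT can itself travel in an HttpOnly cookie, shown as an added example (not code from AdminCraft or from any commenter). The cookie name `session`, the helper names and the choice of HS256 are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

const b64u = (v) => Buffer.from(v).toString("base64url");

// Build a compact HS256 JWT: base64url(header).base64url(payload).signature
function signJwt(payload, secret) {
  const head = b64u(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64u(JSON.stringify(payload));
  const sig = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest("base64url");
  return `${head}.${body}.${sig}`;
}

// Check the signature in constant time, pin the algorithm, enforce expiry.
// Returns the claims object, or null for any failure.
function verifyJwt(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const expected = crypto.createHmac("sha256", secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    if (JSON.parse(Buffer.from(head, "base64url")).alg !== "HS256") return null;
    const claims = JSON.parse(Buffer.from(body, "base64url"));
    return typeof claims.exp === "number" && claims.exp > now ? claims : null;
  } catch {
    return null; // malformed JSON in header or payload
  }
}

// Set-Cookie value that carries the JWT. HttpOnly hides it from document.cookie,
// Secure restricts it to HTTPS, SameSite=Strict keeps it off cross-site requests.
function sessionCookie(token, maxAgeSeconds) {
  return `session=${token}; Max-Age=${maxAgeSeconds}; Path=/; HttpOnly; Secure; SameSite=Strict`;
}

// Extract the token from an incoming Cookie request header.
function tokenFromCookieHeader(header, name = "session") {
  for (const pair of (header || "").split(";")) {
    const i = pair.indexOf("=");
    if (i > 0 && pair.slice(0, i).trim() === name) return pair.slice(i + 1).trim();
  }
  return null;
}
```

HttpOnly only stops page scripts from reading the token; the browser still attaches the cookie automatically, which is why the example also sets `SameSite=Strict`.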