I'm tired of seeing the same tutorials pop up every couple of weeks. "JWTokens are the recommended auth method because of scalability.""JWTokens are easier to use.""JWTokens are stateless, so you don't use memory on the server."Let me tell you something. These people probably don't know any better. I am sure their intentions are good, but they share an un-secure way of authenticating and authorizi
