2021-10-24 UTC
# [jacky] I was thinking about using JWTs (and then PASETO to overcome the weakness of JWTs) but I don't want to share too much info to the client and it makes it a bit easier for me to adjust token permissions from the server without having to update the token used (when I tried doing that with my implementation in Elixir, it altered the _actual_ JWT)