/ JWS?
As stated above, Fernet is an option for most JWT use-cases. That being said:
For secure sessions: Just use cookies over HTTPS. Cookies should only store a random identifier which is paired with a server-side persistent storage mechanism.
For signatures: Libsodium's crypto_sign() or crypto_auth() APIs (depending on use-case).
For encryption: Libsodium's crypto_secretbox() and crypto_box() APIs (depending on use-case).
вот только это не замена
Обсуждают сегодня