Thank you for the fantastic summary James. You’re spot on about the various
implementation issues that plague JWT libraries.
While I think it’s an OK technology if you use a very explicit subset and you
know what you’re doing (see https://github.com/google/jws) it is indeed a bit
of a minefield
I completely agree with James. I felt dread when I saw a JWT Thread appear
as, for me synonymous with flaws security and I'd rather Django stay well
clear of them
On Monday, 27 April 2020 03:53:39 UTC+1, James Bennett wrote:
>
> On Sun, Apr 26, 2020 at 8:46 AM Adam Johnson >
> wrote:
> >
> >
Thank you very much James. I've learned once again that "everyone is using
it" does not make it good.
(Would love if you pasted your write up on your blog to make it easier to
share)
On Mon, 27 Apr 2020 at 10:37, Steven Mapes wrote:
> I completely agree with James. I felt dread when I saw a JWT
Week ending April 26, 2020.
*Triaged:*
https://code.djangoproject.com/ticket/31480 - Accessing admin panel doesn't
work. (worksforme)
https://code.djangoproject.com/ticket/31481 - Admin crash when using
functions in model meta ordering of o2o primary key. (fixed)
https://code.djangoproject.com/t
