> > Thanks for the pointer. Don’t know that much about JWT. From looking at > the code it seems you are storing the subject in the cookie. Like the > current implementation does. This might be different from what we are > trying to achieve. We don’t want the subject in the cookie, but in the > database. Otherwise I can’t invalidate cookies for a segment of our users > on the server side. Is my assumption correct? >
Right, I just didn't know if the proposed encode/decode methods I proposed to CookieRememberMeManager would make your code any easier
