Is manualy updating JWT access_token data considered a bad practice?

python security flask jwt

It seems like you're trying to use the JWT as a session storage mechanism, which is not a good practice. If you need to check the validity of the JWT in the database on every request why not just use sessions and keep the relevant data server side?

Also, how do you plan to deliver such an updated token to the user? I think that it will be much easier for you to keep the data in the backend and just use sessions.

Related

Call glewInit once for each rendering context? or exactly once for the whole app?
warning: '*' in boolean context, suggest '&&' instead [-Wint-in-bool-context]?
Which is more optimized code to put less pressure on a computer?
How to keep folder structure while share common code across projects in git?
Issue while filtering the data from a list
DELETE USING in gorm?
Why does this HLSL pixel shader not compile?
How do I get images from an android app made using opengl (filament rather)?
Ionic5 IOSFilePicker convert uri to blob
How to load a picture into Google Colab for GitHub
How to get object by string in Vue.js
How do I run a graphical sudo in bash on kubuntu 18.04 now that kdesudo is gone?