reactjs jwt express-session

What's going to prevent me from using Session over JWT for my API authentication (for express and reactjs app)


I just want to know: if JWT can't be stored in localStorage or cookies because it's going to be hacked that way, then why the heck did they create it? What's the problem that JWT solves that sessions can't?

I really want to know :)

Thanks!


Solution

  • As a software developer, I choose among them due to the requirements of the specific project I am working on.

    As far as my knowledge goes, JWT can be a better alternative to sessions whenever the project is tight on storage (database) and can be a little faster as there will not be any database request to see the token's payload.

    It also has its own disadvantages, such as reduced security compared to sessions: when a token is stolen, anyone can CRUD anything in your app with a false identity, and there is no technique for revoking the token unless it expires at the time set.

    Sessions also have their own advantages and disadvantages, and are especially helpful on server-side rendered apps in my case, but I think you should take both alternatives into account according to the requirements of the project in which the technique is to be used.
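The trade-off described in the answer above, as an added example that is not part of the original answer: an HS256 JWT is verified with no store lookup but stays valid until `exp`, while a server-side session can be revoked immediately. The secret, user name, timestamps and all function names are constructed for illustration, and a `Map` stands in for the session database.

```javascript
// Added example: constructed secret, user and timestamps; not from the original post.
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // assumption: HS256 shared secret
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const hmac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest('base64url');

// --- Stateless: JWT (HS256), verified without touching any store ---
function signJwt(payload, ttlSeconds, now) {
  const body = `${b64url({ alg: 'HS256', typ: 'JWT' })}.${b64url({ ...payload, exp: now + ttlSeconds })}`;
  return `${body}.${hmac(body)}`;
}

function verifyJwt(token, now) {
  const [header, payload, sig] = token.split('.');
  if (!header || !payload || !sig) return null;
  const expected = Buffer.from(hmac(`${header}.${payload}`));
  const given = Buffer.from(sig);
  // Constant-time comparison; the payload is parsed only after the signature checks out.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
  return claims.exp > now ? claims : null; // expiry is the only built-in cutoff
}

// --- Stateful: server-side session, looked up on every request ---
const sessions = new Map(); // stands in for the database / session store
function createSession(user) {
  const sid = crypto.randomBytes(32).toString('base64url');
  sessions.set(sid, { user });
  return sid;
}
const verifySession = (sid) => sessions.get(sid) ?? null;
const revokeSession = (sid) => sessions.delete(sid);

// Scenario: both credentials are issued at t=1000, then the user logs out.
function stolenCredentialDemo() {
  const t0 = 1000;
  const jwt = signJwt({ sub: 'alice' }, 900, t0); // 15-minute token
  const sid = createSession('alice');
  revokeSession(sid); // logout: the server deletes the session record
  return {
    sessionAfterLogout: verifySession(sid),               // rejected at once
    jwtAfterLogout: verifyJwt(jwt, t0 + 60)?.sub ?? null, // still accepted
    jwtAfterExpiry: verifyJwt(jwt, t0 + 901),             // rejected only after exp
  };
}
```

Revoking a JWT before `exp` means adding a server-side lookup such as a denylist of token IDs, which gives up the "no database request" property the answer cites as the JWT advantage.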