Torsten Curdt

@gedw99 if you get around to it - I'd be interested

I just wanted to double check but now I've run into some sessions trouble. Still a bit unclear how to configure the path. ``` const agent = require('secret-agent'); //SA_SESSIONS_DIR=/your-absolute-dir-path (async...

I got much further - but things are still a bit weird. Here is the full code: ``` const { Agent } = require('secret-agent'); (async () => { const agent...

> By "Browser", do you mean the Replay UI? I've attached a screenshot. The devtools look OKish.

That sounds very sceptical :) May I ask why? How do you setup permissions of the files included in the package at the moment instead?

If you have any thoughts on how you this could or should be added best I am all ears. Maybe I can then work on a PR.

@mig4 the original idea was without the "in addition" part. Essentially all data files in the package in one tgz. Which means all permissions and ownerships are defined. In addition...

The JWT can be used as cookie or a header. Where you store them or how you send them certainly is an important aspect. But JWT is a signed or...

> A big drawback of JWT in my opinion is that the payload is base64 encrypted, meaning it can be easily decrypted and expose internal or even sensitive data. Check...

> But even if you use TLS you still need to store the jwt on the client side as a cooke or in localStorage where it is unencrypted. Why would...