Alternative to storing refresh_token in DB

[dalalRohit]

Hey @vnovick

Loved your blog post as everything is mentioned very clearly.

I'd like to ask is there any other alternative to storing refresh_token in DB? I think it goes against the idea of having a stateless JWT mechanism. For every API call, we are checking the DB for the token.

How do I do it purely stateless without DB checks?

Thank you,

[FDiskas]

did you read https://hasura.io/blog/best-practices-of-using-jwt-with-graphql/#jwt_persist ?