I am making a full CRUD app that won’t have users, but has an admin login ‘/admin’ route, that signs up on a form and will get to go to another route for the admin to CRUD the data. Do I need JWT in this case or is there an easier way to go about it. I don’t want someone to be able to just go to www.myurl/admin and be able to manipulate the data.
I think that if both routes are being served by the same session, then cookies should work fine, but so would JWT. It’s good to understand both. I’d recommend switching back and forth to get a good grasp. Cookies seem to be more common, but JWTs have been gaining ground.