Are session ids encrypted before saving?

Question

Are session ids encrypted before saving?

Closed this issue 3 months ago · 1 comments

They should be encrypted before saving right? so in the case of a database leak session ids cannot be used.

Answer 1 · 2019-11-04T23:00:02.000Z

They should be, though encrypting a database is more of an operational concern and is perhaps outside of the scope of this library. I would consider a PR though.