The API says we must return a token, even if deserialization fails, so we introduce the concept of an "empty" token
and filter it away in readToken(RequestHeader)
.
The API says we must return a token, even if deserialization fails, so we introduce the concept of an "empty" token
and filter it away in readToken(RequestHeader)
.
token data
a token
request
the browser's possibly stored token
Adapted from https://github.com/wsargent/play20-rememberme