As far as I know, JWT tokens are used for implementing 'stateless server'. But as I try to apply Jwt to my website that uses sessions and cookies for authentication, I found that most people store refresh tokens in their db and compare them to tokens from the clients. If so, isn't that kind of ironic? Because I thought tokens didnt require any server side resources. Now I'm confused why so many people use tokens for authentication instead of Sessions with cookies even though they both require server side storage.

As far as I know, JWT tokens are used for implementing 'stateless server'. But as I try to apply Jwt to my website that uses sessions and cookies for authentication, I found that most people store refresh tokens in their db and compare them to tokens from the clients. If so, isn't that kind of ironic? Because I thought tokens didnt require any server side resources. Now I'm confused why so many people use tokens for authentication instead of Sessions with cookies even though they both require server side storage. Also, how you deal with logging in on multiple devices? If you store a refresh token per user and an user tries to log in on a new device, its previous device will be automatically logged out as soon as its access token expires.