SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Cool, if I implemented this I wouldn't need this bandaid, semi-fix right?

> 1. Client: Before sending data to the server, Axios middleware will request `https://server.com/auth/key`
> 2. Server: Generate keypair (maybe 2048bits if performance allows it)
> 3. Server: Encrypt `privateKey` with `applicationKey` (set in .env)
> 4. Server: Store `encryptedPrivateKey` in DB with an random `keyId`
> 5. Server: Return `publicKey` and `keyId` to Client
> 6. Client: The middleware will then encrypt the original payload with this `publicKey` and also provide the `keyId`
> 7. Client: Sends request
> 8. Server: Looks up `keyId` in DB and gets `encryptedPrivateKey`
> 9. Server: Decrypts  `encryptedPrivateKey` and gets `privateKey`
> 10. Server: Decrypts request
> 11. Server: Handles request