jwt : add a warning on the content of the token, if confidential data must be stored in it

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@5795 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2019-12-05 13:15:48 +00:00
parent 11d4f7686b
commit 2c767e7f06

@@ -6,6 +6,9 @@
/** Allow to manage the JSON Web Tokens
* Based on https://tools.ietf.org/html/rfc7519
*
* Do not put confidential data in payload without encrypt it, as the result
* is only a Base64 format of JSON...
*/
class jwt
{
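Review bot: the warning added to the class docblock is ungrammatical ("without encrypt it") and does not state the consequence: "only a Base64 format of JSON..." leaves the reader to infer that anyone who obtains the token can decode and read the payload. Suggest wording such as "Do not put confidential data in the payload unless the token is encrypted: the payload is only Base64-encoded JSON and is readable by anyone who holds the token", and drop the trailing ellipsis.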
@@ -20,7 +23,10 @@ class jwt
);
// }}}
/** Create the token based on payload, key
/** Create the token based on payload, sign it with key, and optionally
* encrypt it with ckey
* Do not put confidential data in payload without encrypt it, as the result
* is only a Base64 format of JSON...
* @param array $payload The payload to store
* @param string $key The key to be used to sign the token
* @param string|null $alg The algorithm to use to sign the token (default
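Review bot: in the method docblock, the new summary says the token is "optionally" encrypted "with ckey", but the warning that follows never tells the caller that passing ckey is how to satisfy it, and no @param entry for ckey appears in the visible lines. Tie the two together, for example "If the payload holds confidential data, pass ckey so the token is encrypted", and make sure ckey is documented alongside $payload, $key and $alg. The warning is also a verbatim copy of the one in the class docblock, so the wording fix ("without encrypting it") applies here too.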