diff --git a/src/content/blogs/phantom-token/index.mdx b/src/content/blogs/phantom-token/index.mdx
index 3035f38..5d23a7a 100644
--- a/src/content/blogs/phantom-token/index.mdx
+++ b/src/content/blogs/phantom-token/index.mdx
@@ -1,8 +1,7 @@
---
-title: "Jwt should not be persisted"
-description: ""
-date: 2025-03-26
-draft: true
+title: "Phantom tokens: JWTs & sessions combined"
+description: "Jwt should not be persisted"
+date: 2026-05-07
tags: ["kyoo", "auth"]
---
@@ -77,7 +76,7 @@ We do need to add logic to the gateway for phantom tokens to work but this isn't
### Long lived flows or websockets
-Some flows might outlive the duration of the temporary jwt created by the gateway. One such example is websockets, you can create a jwt and ensure the user has the permissions to create a jwt by handling the first request (the one that will return 101 switching protocol) but if you send a message in your websocket 5 hours later your jwt will have expired.
+Some flows might outlive the duration of the temporary jwt created by the gateway. One such example is websockets: you will create a jwt when the websockets opens but if you send a message in your websocket 5 hours later your jwt will have expired.
I couldn't find a silver lining solution for this, the best i came up with for kyoo is to consider the websocket handler as another gateway and refresh the jwt on each new message (excluding keep-alive/pings). If you're interested here's the implementation PR: https://github.com/zoriya/Kyoo/pull/1491.
diff --git a/src/layouts/BaseLayout.astro b/src/layouts/BaseLayout.astro
index 303c1d0..b3dcafe 100644
--- a/src/layouts/BaseLayout.astro
+++ b/src/layouts/BaseLayout.astro
@@ -28,8 +28,7 @@ const { title, description, currentPath } = Astro.props;
href="/rss.xml"
title={title}
/>
-
-
+