Publish phantom token blog

2026-05-07 00:46:31 +02:00
parent 31a73a8cc5
commit 9b4b1c7a79
2 changed files with 5 additions and 7 deletions
+4 -5
@@ -1,8 +1,7 @@
---
title: "Jwt should not be persisted"
description: ""
date: 2025-03-26
draft: true
title: "Phantom tokens: JWTs & sessions combined"
description: "Jwt should not be persisted"
date: 2026-05-07
tags: ["kyoo", "auth"]
---
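Review bot: The new `description` in the front matter reuses the old title verbatim ("Jwt should not be persisted"), so its casing now disagrees with "JWTs" in the new title one line above. The description was empty before and becomes visible with this change, so consider `description: "JWTs should not be persisted"` or a one-sentence summary of the post instead.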
@@ -77,7 +76,7 @@ We do need to add logic to the gateway for phantom tokens to work but this isn't
### Long lived flows or websockets
Some flows might outlive the duration of the temporary jwt created by the gateway. One such example is websockets, you can create a jwt and ensure the user has the permissions to create a jwt by handling the first request (the one that will return 101 switching protocol) but if you send a message in your websocket 5 hours later your jwt will have expired.
Some flows might outlive the duration of the temporary jwt created by the gateway. One such example is websockets: you will create a jwt when the websockets opens but if you send a message in your websocket 5 hours later your jwt will have expired.
I couldn't find a silver lining solution for this, the best i came up with for kyoo is to consider the websocket handler as another gateway and refresh the jwt on each new message (excluding keep-alive/pings). If you're interested here's the implementation PR: https://github.com/zoriya/Kyoo/pull/1491.
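Review bot: The rewritten sentence has a typo ("when the websockets opens" should read "when the websocket opens") and it drops the detail that the jwt and the permission check are tied to the first request, the one answered with 101 Switching Protocols. That detail is what tells the reader why a message sent 5 hours later still carries the original, now expired, jwt, so consider keeping a short form of it, for example "you create a jwt on the upgrade request (the one that returns 101), but ...".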
+1 -2
@@ -28,8 +28,7 @@ const { title, description, currentPath } = Astro.props;
href="/rss.xml"
title={title}
/>
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png" />
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png" />
<link rel="icon" type="image/png" href="/img/author.png" />
<meta property="og:url" content={new URL(Astro.url.pathname, Astro.site).href} />
<meta property="og:site_name" content={title} />
<meta property="og:title" content={title} />
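Review bot: The replacement `<link rel="icon" type="image/png" href="/img/author.png" />` carries no `sizes` attribute, while the two links it replaces declared 32x32 and 16x16. If /img/author.png is a full-size picture it will be fetched as the favicon on every page, so consider pointing at a downscaled copy or declaring `sizes`. This layout change is also unrelated to publishing the post and would be easier to revert as its own commit.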