The more I watch Rick's sessions from 2017, 2018 and 2019, the more confused I get - so I guess I'll write it down.
There are 3 core steps (some have more, I want to stick to 3) to create a decent model that works well:
- Understand the use case + create ERD (list entities and relations)
- Identify the access patterns - R/W workloads, query dimensions and aggregations
- Data modeling - avoid relational patterns, use 1 table (if there aren't any "documents", 1 should be fine)
- R.R.R = Review > Repeat > Review (go on till it makes sense)
As per my limited understanding of JWTs, they might be a better fit in this scenario, and can potentially remove the need for "Token" completely (or in a very limited capacity).
Time to read/learn more about JWTs - BRB...