Security module. This module handles sign-in (using ASP.NET Core Identity), and instead of the original cookie authentication, signs a JWT and stores that in a cookie instead.

The JWT is signed using RS256, and the public key is exposed to other modules so they can verify the signature of the cookie.

No JWT found in cookies.