From 650eaab17972f00a027ef53d7b272fd1d398bdf6 Mon Sep 17 00:00:00 2001
From: David Bottiau <david.bottiau@outlook.com>
Date: Tue, 4 Jul 2023 22:15:20 +0200
Subject: [PATCH] docs(auth): improve docs of Jwt struct (#2223)

---
 lib/src/api/opt/auth.rs | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/src/api/opt/auth.rs b/lib/src/api/opt/auth.rs
index 16f75b9a..64b37419 100644
--- a/lib/src/api/opt/auth.rs
+++ b/lib/src/api/opt/auth.rs
@@ -86,10 +86,14 @@ impl<T, P> Credentials<T, Jwt> for Scope<'_, P> where P: Serialize {}
 /// A JSON Web Token for authenticating with the server.
 ///
 /// This struct represents a JSON Web Token (JWT) that can be used for authentication purposes.
-/// It is important to note that this implementation does not provide any security measures to
-/// protect the token.
+/// It is important to note that this implementation provide some security measures to
+/// protect the token:
+/// * the debug implementation just prints `Jwt(REDACTED)`,
+/// * `Display` is not implemented so you can't call `.to_string()` on it
 ///
-/// You should take care to ensure that only authorized users have access to the JWT.
+/// You can still have access to the token string using either
+/// [`as_insecure_token`](Jwt::as_insecure_token) or [`into_insecure_token`](Jwt::into_insecure_token) functions.
+/// However, you should take care to ensure that only authorized users have access to the JWT.
 /// For example:
 /// * it can be stored in a secure cookie,
 /// * stored in a database with restricted access,