Diffstat (limited to 'README.md')
-rw-r--r-- README.md 41
1 files changed, 0 insertions, 41 deletions
diff --git a/README.md b/README.md
index 9e28491..aacafe5 100644
--- a/README.md
+++ b/README.md
@@ -12,11 +12,6 @@ with [Serde](https://serde.rs/) you can enable the following feature flags:
`into_form` method for parsing data submitted from HTML forms.
- `hyper_body_json` additionaly provides an `into_json` method
-With the `security` feature Sputnik furthermore provides what's necessary to
-implement [signed & expiring cookies](#signed--expiring-cookies) with the
-expiry date encoded into the signed cookie value, providing a more
-lightweight alternative to JWT if you don't need interoperability.
-
Sputnik does **not** handle routing because even complex routing can be quite
easily implemented with nested `match` blocks. If you want a more high-level
router, you can check out the [router crates](https://crates.io/keywords/router).
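Review bot: The paragraph removed after the `hyper_body_json` bullet was the only mention of the `security` feature in this part of the README, and nothing in the patch says whether the feature itself is gone or has moved. If the feature still exists in the crate, keep a one-line entry for it in the feature-flag list; if it was removed or split out, say so in the commit message or a changelog entry and name the replacement, so users who rely on signed cookies are not left with an undocumented or silently missing feature.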
@@ -123,39 +118,3 @@ async fn main() {
server.await;
}
```
-
-## Signed & expiring cookies
-
-After a successful authentication you can build a session id cookie for
-example as follows:
-
-```rust
-let expiry_date = SystemTime::now() + Duration::from_secs(24 * 60 * 60);
-let mut cookie = Cookie::new("userid",
- key.sign(
- &encode_expiring_claim(&userid, expiry_date)
- ));
-headers.set_cookie(Cookie{
- name: "userid".into(),
- value: key.sign(
- &encode_expiring_claim(&userid, expiry_date)
- ),
- secure: Some(true),
- expires: Some(expiry_date),
- same_site: SameSite::Lax,
-});
-```
-
-This session id cookie can then be retrieved and verified as follows:
-
-```rust
-let userid = req.cookies().find(|(name, _value)| *name == "userid")
- .ok_or_else(|| "expected userid cookie".to_owned())
- .and_then(|(_name, value)| key.verify(value))
- .and_then(|value| decode_expiring_claim(value).map_err(|e| format!("failed to decode userid cookie: {}", e)));
-```
-
-Tip: If you want to store multiple claims in the cookie, you can
-(de)serialize a struct with [serde_json](https://docs.serde.rs/serde_json/).
-This approach can pose a lightweight alternative to JWT, if you don't care
-about the standardization aspect.
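Review bot: Deleting the whole `## Signed & expiring cookies` section leaves no pointer to where the `key.sign` / `key.verify` and `encode_expiring_claim` / `decode_expiring_claim` usage is documented now; add a short line linking to the new home if the code moved. The removed text is what showed the verification side, where the cookie value goes through `key.verify(value)` and then `decode_expiring_claim`, so the expiry is read from the signed value. If the section is carried over elsewhere, also drop the unused `let mut cookie = Cookie::new("userid", ...)` binding at the top of the first example, which duplicates the `headers.set_cookie(Cookie{ ... })` call right below it.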