Sometimes, you can't authenticate against a closure. For instance, it might make more sense to store your authentication information in a redux store so that you can keep all of your data in a particular place. While this is probably unnecessary in all but the extreme cases, it is possible to prevent the globally available data store from being tampered with. We can let them modify the data so long as we have some way of invalidating it afterwards.