Mark Ilott
Oct 17, 2021


There are many reasons why you shouldn't do this, but here are just a few:

- you are generating a predictable signature message on the client that is vulnerable to replay attacks. The message should include a single-use nonce or token

- you make that risk worse by using a long expiry time (1 day is long - it should be minutes). To reduce this risk and not annoy the user with constant login requests, JWTs are often paired with refresh tokens (cookies)

- the token can only be used with APIs that all have access to the user database - no distributed APIs or back ends

- you cannot embed roles/claims in the token, which also limits the back-end structure and complicates authorisation

It is definitely possible to replace usernames/passwords with web3 logins, but it is done by complementing existing JWT/Session Cookie processes, not replacing them with something far less secure.



Written by Mark Ilott

Solution Architect specialising in AWS, sharing IaC tips and tricks