Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
daima2019-06-25 12:27:02
JSON Web Token
daima, 2019-06-25 12:27:02

Where to store tokens?

There is a spa application on react, there is a refresh token and an access token. But where to store them, so as not to be stolen? Unreliable in cookies and localstorage. In the editorial office (storage) they also do not advise.
Google - in the examples they consider cookies, local storage, and at the end they write that you shouldn't do this in serious applications: D

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Anton Spirin, 2019-06-26
@rockon404

In order not to be stolen, it is necessary to solve security issues, and you can store it in all the listed storages.

Similar questions
V
Vladimir Golub2020-02-03 14:11:16
How to properly authenticate with Vue, Nuxt, JWT, Node.js, Axios? 1Reply
A
Alexey2017-10-18 22:21:25
How to reset the token when the user logs out? 1Reply
D
Dimka Matsi2020-03-10 10:10:04
SSO authentication in AD with javascript? 2Reply
M
Maxim Tarabrin2017-11-20 12:14:49
When do you renew your OAuth token? 2Reply
T
triggerfinger2018-01-25 23:03:16
Resetting the password: how to notify the client that the server gave the go-ahead if there is a redirect? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question