Where to store tokens and make requests?

M

Mishcake2022-04-07 13:55:18

Web development

Mishcake, 2022-04-07 13:55:18

Hello.

I'm learning front-end, I'm working on a vanilla JS (with a perspective for React) application that will pull data from news sites using the API.

Question: where and how best to organize the storage of tokens and the implementation of requests to the API?

Common sense suggests that it is impossible to store an API access token on the front (seen through the source code), and with fetch () requests, an error of cross-domain requests pops up (I haven’t figured it out yet).

So far, the only thought is to write a script for requesting and storing a token on nodejs and deploy it somewhere on heroku or your VDS. Will this be best practice or am I just not understanding something else?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

W

wonderingpeanut, 2022-04-07
@Mishcake

authorization tokens received from the back are usually stored in localstorage or cookies. Secret things such as passwords that are used in the application can also be stored in an .env file.
Those. you can either manually enter the desired token and its value into cookies / localstorage, or create a variable in the .env file.
As for the cors error, this should be fixed on the server side