loading...

re: Django Rest Framework custom JWT authentication VIEW POST

FULL DISCUSSION
 

I have a question to ask.
If I put JWT in cookie from server to client, and the client takes JWT from cookie to headers for every request, do I need CSRF token additionally?

 

the client can't read the httponly cookie, only the server can read it

Code of Conduct Report abuse