The latest articles on DEV Community by Ronald (@rmirandasv). https://dev.to/rmirandasv https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F147166%2Fb251bd67-0930-45cf-8cb0-1e2f43728e2c.jpeg https://dev.to/rmirandasv en Ronald Sat, 30 Mar 2019 09:29:41 +0000 https://dev.to/rmirandasv/should-save-acees-token-in-local-storage-3o5o https://dev.to/rmirandasv/should-save-acees-token-in-local-storage-3o5o <p>Hi everybody! First I apologise if my English is not the best. It's not my native language. </p> <p>This is my first post, it's 3 am and I cannot sleep thinking in what's could be the best practices for a JavaScript front end application to authenticate the user?</p> <p>I'm building a PHP (Laravel) backend REST API to be consumed by a Vuejs + vuex app. I added authentication using Laravel passport and when user login the vue app request for an access token using the user credentials. Then store the token in a vuex store. Here all works fine, but if I make a full reload to the page, the vuex store it's initialized and the access token must be requested again. </p> <p>My question is, can I store the access token in the local storage to keep the user logged in even though reload page? Of course if I can do this I will manage expiration time for token, but...</p> <p>It's this secure? </p> <p>It's suppose an API must be stateless, so there is no reason to use server session and should not use Cookie's, right? If I can how to read token from cookie using JavaScript?? </p> <p>Any help would be great!</p> help javascript localstorage