DEV Community


Discussion on: JSON web tokens are NOT meant for authenticating the same user repeatedly: Use session tokens instead

jonathanihm profile image

Agree to disagree- it really depends on the application, but when we are talking JUST in the context of pure security JUST from XSS, localStorage is not the best option. Obviously you do need localStorage for things like state management. My issue is just the wording "a bit more" when in reality its "a lot more".

Forem Open with the Forem app