DEV Community

Discussion on: Authentication in Node.js with MongoDB, bcrypt, and JWT web Tokens with cookies 🍪.

Collapse
vyrru5 profile image
VyRru5

Why don’t use header authorization bearer in request ? Is the best practices

Collapse
nyctonio profile image
Ritesh Kumar Author • Edited on

Yes we can implement it in that way too which will also make it not vulnerable to CSRF but I thought that cookie one will be more beginner friendly 😬.