DEV Community

Discussion on: Authentication in Node.js with MongoDB, bcrypt, and JWT web Tokens with cookies 🍪.

vyrru5 profile image

Why don’t use header authorization bearer in request ? Is the best practices

nyctonio profile image
Ritesh Kumar Author • Edited on

Yes we can implement it in that way too which will also make it not vulnerable to CSRF but I thought that cookie one will be more beginner friendly 😬.