DEV Community

Discussion on: Authentication and Authorisation 101

Yann Barraud

I've been through tens of authentication & authorisation articles. This one sums it up very well. I still have an issue which is rather unclear to me.

I'm working on a React app. Regarding CSRF & XSS, most articles say not to store credentials in localStorage, but "we'll do this for the sake of this article"... So I saw proposals about using cookies (httpOnly, but how does it work for my API then?), or redux.

I think I'll go to redux, or some Provider like auth provider, but I'm still a bit confused here on how auth provider works. Any pointer/reco about that?

Edydeyemi

I am also a bit confused regarding the best place/way to store JWT, especially for Cordova/Capacitor projects without any JavaScript frameworks. I am currently putting a project on hold because of this. Any ideas would be much appreciated 🙈🙈