LOG IN
Find MentorsFind FreelancersCommunity PostBlog
SIGN UP
LOG IN
Codementor Events
Saurabh Sharma
Follow
Coder, Solutions Desiger, Cinema Buff (Him)

integrate multi-back-end authentications

Published Mar 15, 2021Last updated Mar 24, 2021

"when u have an app using cookies and can't simply switch to tokens overnight, u have to support both 😃"

JS-SPA-BACKEND-AUTH-TOKENS-STORAGE.jpeg

for XSS & CSRF avoidance -

not store the token in any browser storage at client side
a) use a unique x-csrf token sent as HTTPOnly cookie
or
b) store access token in memory, write refresh token in a secure HTTPOnly cookie to get a new access token as needed.

References :: hasura

Back endJwtFront end development
Report

Enjoy this post? Give Saurabh Sharma a like if it's helpful.

post comments
Saurabh Sharma
Coder, Solutions Desiger, Cinema Buff (Him)
- Specialise in design as well technical implementation of web & mobile solutions. - Love Polymer, RiotJS, Angular, VueJs, React + Redux - Ruby and Rails projects (API or Web MVCs) - Advocate decentralisation systems like dat, pat...
Follow
Discover and read more posts from Saurabh Sharma
get started
post commentsBe the first to share your opinion
MarkdownGitHub flavored markdown supported
submit
Show more replies