react_jwt_auth icon indicating copy to clipboard operation
react_jwt_auth copied to clipboard

Published 20 hours ago verified publisher icon gitdagray

Store auth info localStorage to persist state on refresh page

Open shubhamgupta659 opened this issue 2 years ago • 2 comments

store auth info in local storage at login then update context by updating state using useEffect in AuthProvider.js

shubhamgupta659 avatar May 25 '23 08:05 shubhamgupta659

No, you shouldn't store the JWTs in the localStorage, cookies provides an additional security, and the simplicity of protecting against CSRF with modern web frameworks. Web Storage (localStorage/sessionStorage) is vulnerable to XSS, has a larger attack surface area, and can impact all application users on a successful attack. In any case you are vulnerable to some kind of attack based on this choice (CSRF or XSS). React helps prevent, but to avoid most vulnerabilities make the Front-End and Back-End communicate via HTTPS.

Francesco146 avatar Aug 13 '23 04:08 Francesco146

How can i get or store user data after login, for example, display a message like Hello Admin after login

agrapps avatar Nov 06 '23 18:11 agrapps