Could you provide some details on where you are storing the tokens on the client... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		markandrewj on Dec 17, 2020 \| parent \| context \| favorite \| on: Sick of spending time on Auth, we built an open so... Could you provide some details on where you are storing the tokens on the client side to persist the session? The best practice currently seems to be storing the tokens in http only cookies. I built something not long ago like this for myself. I haven't made it publicly available though.

advaitruia on Dec 17, 2020 [–]

We use httponly cookies too. Yes, we wrote a blog post on cookies vs localstorage too - that you can read here: https://supertokens.io/blog/cookies-vs-localstorage-for-sess...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact