javascript - Sending web storage stored JWT to server when refresh button hit -
i building web app using javascript (koa.js backend). not want make full page refreshes, requests ajax requests api. using jwt user authentication , want save in web storage. these something, blog post 1 , blog post 2, have read on security against csrf, need use web storage token keeping on client. know localstorage persists across browser quit-relaunches.
the question is;
are there a, convenient implement , secure, way achieve keeping authenticated user authenticated between page refreshes caused non-programmatic way when using jwt , web storage, e.g. browser button hit?
your question little broad, there several answers depending on more information you're developing in (what language, limitations)
i can recommend few reads start , possibly shape question further. first, article going on basics of handling jwt tokens:
https://auth0.com/blog/2014/01/27/ten-things-you-should-know-about-tokens-and-cookies/
another place start looking @ auth0's implementation examples: if don't plan on using auth0's services, implementations on server side can used plain jwt implementations. single-page examples, include server tutorials, can found here:
https://auth0.com/docs/quickstart/spa/
hope helps!
Comments
Post a Comment