Home > Net >  What's the best way of managing user authentication and sessions on nodejs?
What's the best way of managing user authentication and sessions on nodejs?

Time:03-20

I usually use JWT tokens but I know this is not so secure because when you store the token on LocalStorage you are susceptible to attacks.

What is the best and most secure way for a good session and auth management?

CodePudding user response:

The generally accepted standard is storing JWT inside an httpOnly cookie. So the JWT/Cookie will only be sent to the HTTP server and would not be accessible for reading or writing on the client side. To make it more secure you can set SameSite=strict to eliminate cross site request forgery (CSRF) unless you require the JWT to fetch information from a different domain.

There probably are more secure ways to do this?, but I believe this would be more than enough for an average website.

Page link:https//www.codepudding.com/net/341467.html

Prev:How can i fix this error when converting csv to json
Next:Default .yml file from GitHub from does not work
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding