Aadithya-V / user-system-microservice

feature security: Use HTTP Authorization Header, JWT, OAuth #1

Open aadithyavamb opened 1 year ago

aadithyavamb commented 1 year ago

There are scenarios where you can’t share cookies with your API server or the API requires you to put the access token in the authorization header. In this case, you won’t be able to use cookies to store your tokens.

Aadithya-V commented 1 year ago

Put the JWT in an HttpOnly cookie.

aadithyavamb commented 1 year ago

JWT with claims and expiry can be used for a RESTful API service. No need to store auth tokens in Redis. Simply check whether the incoming JWT cookie is valid or not.
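
A sketch of the stateless check discussed in this thread, added here as an example and not taken from this repository: the server signs a JWT with `sub`/`iat`/`exp` claims, sends it in an HttpOnly cookie, and later validates the incoming cookie with no token store lookup. The cookie name `session`, the HS256 shared secret, the `SameSite=Strict` choice and all function names are assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: HS256 key, constructed sample value

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(sub, ttl, now=None):
    """Build an HS256 JWT whose claims carry the subject and an expiry."""
    now = int(time.time() if now is None else now)
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64e(json.dumps({"sub": sub, "iat": now, "exp": now + ttl}).encode())
    signing_input = f"{header}.{claims}"
    return f"{signing_input}.{b64e(sign(signing_input))}"

def session_cookie(token, ttl):
    """Set-Cookie value; HttpOnly keeps the token out of reach of page scripts."""
    return f"session={token}; Max-Age={ttl}; Path=/; HttpOnly; Secure; SameSite=Strict"

def verify_cookie(cookie_header, now=None):
    """Return the claims if the cookie's JWT is authentic and unexpired, else None."""
    pairs = (p.strip().split("=", 1) for p in cookie_header.split(";") if "=" in p)
    token = dict(pairs).get("session", "")
    try:
        header_b64, claims_b64, sig_b64 = token.split(".")
        # Pin the algorithm server-side so the token cannot pick it (rejects alg=none).
        if json.loads(b64d(header_b64)).get("alg") != "HS256":
            return None
        expected = sign(f"{header_b64}.{claims_b64}")
        # Constant-time comparison; claims are parsed only after the signature checks out.
        if not hmac.compare_digest(expected, b64d(sig_b64)):
            return None
        claims = json.loads(b64d(claims_b64))
        exp = claims.get("exp")
    except (ValueError, TypeError, AttributeError):
        return None
    now = time.time() if now is None else now
    # A token without a numeric exp is rejected rather than treated as non-expiring.
    if not isinstance(exp, (int, float)) or now >= exp:
        return None
    return claims
```

Because nothing is stored server-side, a token issued this way stays valid until its `exp`, so the expiry window is the only bound on a stolen cookie's lifetime.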