It's currently using sessionStorage, but you can't access it in server rendering, which limits the power of Next.js. Migrating to storing keys in cookies would allow the server to view authentication keys there. Heck, maybe we can change up auth as a whole and make it more secure. that's super low priority though.
It's currently using sessionStorage, but you can't access it in server rendering, which limits the power of Next.js. Migrating to storing keys in cookies would allow the server to view authentication keys there. Heck, maybe we can change up auth as a whole and make it more secure. that's super low priority though.
Example: https://github.com/zeit/next.js/pull/5821