okta / okta-oidc-js

okta-oidc-js
https://github.com/okta/okta-oidc-js

Manage Auth in Vuex #206

Open sve-odoo opened 6 years ago

sve-odoo commented 6 years ago

Hello,

I find the Okta UI and the VueJS library very easy to use. However, I could not manage authentication states in Vuex, although it looks like a best practice. Does someone have a setup with the authentication managed in Vuex? Do you have any code to share? I also think it would be a valuable improvement to the standard Okta VueJS libraries.

Thanks in advance.

jmelberg-okta commented 6 years ago

Hey @sve-odoo - Great suggestion!

We decided not to tie ourselves to a state management library at this time, letting developers choose how they wanted to handle this for their applications. I can certainly see a sample living under samples-js-vue in the future though.

tschroedertlc commented 5 years ago

Hi-

I'm developing an app that uses Vue on the front end and needs to pass the tokens to the back end. We have strict security requirements and I like a lot about this library, but it seems it does not follow best practices for storing tokens in secure apps (i.e. tokens not in localStorage or sessionStorage, cookies are HttpOnly and only allowed over HTTPS, best option is to store tokens in local memory). I saw that there is an option to switch to cookie storage, but from what I can tell, the cookies are neither HttpOnly (since they are programmatically created) nor set as "secure". Am I misunderstanding?

If this is the case, I'd like to implement a solution to keep the token in local memory, which seems like a good use of storing the tokens in VueX. I looked around the implementation a bit, and it seems like redefining a new type of tokenManager specific to VueX would be the best approach. Does this seem reasonable or is there a simpler option? If I can get it working, I'd like to submit an example or into your library... whichever you prefer.

Thanks for any help you can offer.
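
The in-memory approach described in the comment above, as an added example that is not part of the thread or of Okta's libraries: tokens are held in a closure instead of localStorage, sessionStorage or cookies, expired tokens are dropped on read, and the bearer header is built only for HTTPS URLs. `createMemoryTokenStore`, `authHeaders` and the `accessToken` key are hypothetical names; the store follows the Vuex pattern (mutations and getters) without depending on Vuex.

```javascript
// Added example (hypothetical names): tokens live only in a closure,
// never in localStorage, sessionStorage or document.cookie.
function createMemoryTokenStore(now = () => Date.now()) {
  const tokens = new Map(); // key -> { value, expiresAt (epoch seconds) }

  // Getter: an expired token is purged on read and never returned.
  function getToken(key) {
    const entry = tokens.get(key);
    if (!entry) return null;
    if (entry.expiresAt <= Math.floor(now() / 1000)) {
      tokens.delete(key);
      return null;
    }
    return entry.value;
  }

  return {
    getToken,
    // Mutations: the only code paths that change token state.
    setToken(key, value, expiresAt) {
      if (typeof value !== 'string' || !Number.isInteger(expiresAt)) {
        throw new TypeError('token must be a string with an integer expiry');
      }
      tokens.set(key, { value, expiresAt });
    },
    removeToken(key) { tokens.delete(key); },
    clear() { tokens.clear(); }, // call on logout
    // For UI state, expose a boolean instead of the token itself.
    isAuthenticated(key = 'accessToken') {
      return getToken(key) !== null;
    },
  };
}

// Build the header for a back-end call; refuse plain-HTTP destinations.
function authHeaders(store, url) {
  const token = store.getToken('accessToken');
  if (!token) throw new Error('no valid access token in memory');
  if (new URL(url).protocol !== 'https:') {
    throw new Error('refusing to send token over a non-HTTPS URL');
  }
  return { Authorization: `Bearer ${token}` };
}
```

Tokens held this way are lost on page reload and remain reachable by any script running in the same page.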

swiftone commented 5 years ago

Note to any following: See also https://github.com/okta/okta-auth-js/issues/211 and the related PR if you want a workaround while we consider the best approach.