javascript - Sending web storage stored JWT to server when refresh button hit -


i building web app using javascript (koa.js backend). not want make full page refreshes, requests ajax requests api. using jwt user authentication , want save in web storage. these something, blog post 1 , blog post 2, have read on security against csrf, need use web storage token keeping on client. know localstorage persists across browser quit-relaunches.

the question is;

are there a, convenient implement , secure, way achieve keeping authenticated user authenticated between page refreshes caused non-programmatic way when using jwt , web storage, e.g. browser button hit?

your question little broad, there several answers depending on more information you're developing in (what language, limitations)

i can recommend few reads start , possibly shape question further. first, article going on basics of handling jwt tokens:

https://auth0.com/blog/2014/01/27/ten-things-you-should-know-about-tokens-and-cookies/

another place start looking @ auth0's implementation examples: if don't plan on using auth0's services, implementations on server side can used plain jwt implementations. single-page examples, include server tutorials, can found here:

https://auth0.com/docs/quickstart/spa/

hope helps!


Comments

Popular posts from this blog

get url and add instance to a model with prefilled foreign key :django admin -

css - Make div keyboard-scrollable in jQuery Mobile? -

ruby on rails - Seeing duplicate requests handled with Unicorn -