What is the best place to store the JWT token in the Angular website. I know we can store it in localstorage but that can be easily accessed by JS scripts. I have read so many answers on the google and now I am confused which one to use.
What is the best place to store the JWT token in the Angular website. I know we can store it in localstorage but that can be easily accessed by JS scripts. I have read so many answers on the google and now I am confused which one to use.
2
Answers
You can store token at many place it’s depend upon your choice basically many developer store token in
local storagebut you have many ways you can try or you can use it.local storageyou can store token in
local storagebut you are telling easily accessed by JS and also you can edit token fromlocal storagesection under console.index DBindex Dbis a package in angular which is second option you can use it it provide all function likeset,get,deleteand so on. the main advantage you cannot edit it’s value from console you can try it.cookiesIn cookies you can store token but may be it easily accessed by JS.
I think index DB is a good for storing token and if you want then you can try it
Every place you can store the token in the frontend can be accessed by js scripts.
That being said the most common practices are
localStorageandsessionStorageUse
localStoragewhen you want the token to persist between tabs and not end the session after browser window is closedUse
sessionStoragewhen you want the token to be unique to each tab and to be deleted when tab or browser is closed.You can also store it in cookies or frontend databases as Kiran mentioned