Wow really like this post. Question ma'am, what is the best way to implement authentication? right now, on my personal project Im using jwt. It has user email, username, userId. Every time a user requests, an Authentication header is attached with Bearer <JWToken> schema. Is that enough to secure the api? or do I need to use cookies and jwt?
Hello thank you for the response. I was thinking of that one before but I didnt implement it since i dont send my cookies to my server. so what I did is I have a interceptor using axios then before the request i have to attached a auth header like:
Wow really like this post. Question ma'am, what is the best way to implement authentication? right now, on my personal project Im using jwt. It has user email, username, userId. Every time a user requests, an Authentication header is attached with
Bearer <JWToken>schema. Is that enough to secure the api? or do I need to use cookies and jwt?If you’re going to use JWT, be sure to send it to the client only with HttpOnly option enabled for the cookie via HTTPS connection.
Hello thank you for the response. I was thinking of that one before but I didnt implement it since i dont send my cookies to my server. so what I did is I have a interceptor using axios then before the request i have to attached a auth header like: