tools/stack aside, its a well written article about API Access Token/Client Side App (coincidently is in Vue too), first he store it in the localStorage, explains the drawbacks and change it to use the Signed Session/HTTP Only (same solution as the article above)
another good one is:
Using Rails Session Cookies for API Authentication
pragmaticstudio.com/tutorials/rail...
tools/stack aside, its a well written article about API Access Token/Client Side App (coincidently is in Vue too), first he store it in the localStorage, explains the drawbacks and change it to use the Signed Session/HTTP Only (same solution as the article above)
Thank you! Both posts were excellent!