DEV Community

loading...

Discussion on: LocalStorage vs Cookies: All You Need To Know About Storing JWT Tokens Securely in The Front-End

Collapse
putrikarunia profile image
Putri Karunia

Hi Pacharapol!
Cookies that are marked httpOnly are not accessible from document.cookie, otherwise you can access the cookie from document.cookie.
source

With our JS SDK (from yarn add cotter), we actually handle storing the access token in memory and the refresh token in the cookie for you. In short, you can just call:

cotter.tokenHandler.getAccessToken()
Enter fullscreen mode Exit fullscreen mode

and it will:

  • grab the access token from memory if not expired, or
  • automatically refreshes the access token by calling Cotter's refresh token endpoint (where the cookie is included) and return to you a new access token.

If you're interested, shoot me a message on Slack and I can help you with any questions. You can find our documentation here.

Forem Open with the Forem app