DEV Community


Discussion on: Please Stop Using Local Storage

suhas_chatekar profile image
Suhas Chatekar

How do you attach an IP to a JWT? And even if you manage to do that, how do you then use an IP bound JWT from an SPA or mobile app?

pocketstealer profile image

Simple. You can put it in the jwt ...

JWT can have any number of object you want.
It's a json...

Any request to an has a requester data... you can particularise from there, or any other method and make it very unique for user and harder to just take it and reuse it.

Did i say you have a universal solution? No. You need to make it your own.

If you are afraid of tehnology than thats on you. But tools are there to be used not be afraid because of "problems".

LocalStorage has some drawbacks, but has good parts as well... Tokens are used everywhere ... even to log in on this websites.

Lets not talk the iframe solution which is implemented and has security flaws as well(looking at you google).