I'm a newby in JavaScript and I'm experimenting with the github.js to interact directly with repo files on the browser. I'm using gatekeeper which sends me back the oauth token after user authorization and I'm using it directly on a script like this to later interact with my repo files:
$.getJSON('http://lestat.herokuapp.com/authenticate/'+code, function(data) {
var github = new Github({
token: data,
auth: "oauth"
});
});
I've read that tokens shouldn't be used on client side for security and the previous code declares the token client side but I've tried to access it through the browser console and it's not displayed so I think it's not accessible but I'm not sure. It's this approach secure?
