Angular4/ngRx: Is it good idea to keep auth state in ngRx store?

Question

In my application, I was wondering if I can use the ngRx store to keep the JWT token(auth token)?

I understand that once the browser refreshes, the store will be reset, but I can workaround this issue by keeping the app state itself in local storage.

What I am trying to find out(and didin't find any results for) is how the ngRx store behaves for multiple users? Will each of them get their own store? Or will they use common app level store? If latter is the case then it would be a very bad design to keep auth state in ngRx store.

PS: I am new to angular.

For different browsers, ngRx is also going to be different. – Ajay Jan 04 '18 at 09:25 — Ajay, Jan 04 '18 at 09:25

score 1 · Accepted Answer · answered Jan 04 '18 at 14:35

1

Generally not,

You should keep JWT token in localStorage, and have proper Guard's which will check if jwt is expired ( redirect to login ) or not.

answered Jan 04 '18 at 14:35

Vlado Tesanovic

6,369
2
20
31

by guards you mean, should i make a rest call to the server to check the token's validity or should i have a mechanism at the client side to decode the token and extract expiry? – tryingToLearn Jan 05 '18 at 04:16
Yes, you should have it on client side, and library like this have that already https://github.com/auth0/angular2-jwt/tree/v1.0 – Vlado Tesanovic Jan 05 '18 at 17:34
1

Umm...keep your password in localStorage? https://www.rdegges.com/2018/please-stop-using-local-storage/ – Lauri Elias Nov 05 '18 at 13:51
keeping password in localStorage? how abt safety? – Navruzbek Noraliev Aug 19 '19 at 12:31
@VladoTesanovic can you explain why it is not good to store JWT in a statemanagement tool like ngrx? – Benjamin Martin Sep 23 '22 at 06:49

score 1 · Answer 2 · answered Aug 04 '22 at 16:58

1

Keep your JWT in angular shared service. Shared service is the one which can be accessed by all components in the application. Check below solution

https://stackoverflow.com/a/40033654/3337028

answered Aug 04 '22 at 16:58

Nikhil

861
11
15

Angular4/ngRx: Is it good idea to keep auth state in ngRx store?

2 Answers2