Store token on local storage is good or bad?

Asked Apr 30 '19 at 11:10

Active Apr 30 '19 at 11:10

Viewed 1,011 times

I created an application with Java 8, spring boot, hibernate, jpa, spring security with OAuth2 and the services REST for back end. For the front end I used Angular 7. In my application I have users with roles. so when an user connected I generate an OAuth2 bearer token and I store that in local storage, so when I need a resource I use that token to get it. when Logout I clear all data on local storage, so when a 2nd user connect I generate 2nd token etc...

My question is whether this is a secure method or there is a better way to store and reuse token and the object user connected?

I talk about security vulnerabilities.

Thanks in advance :)

asked Apr 30 '19 at 11:10

Ragnar Lodbrok

2

Duplicate? https://stackoverflow.com/questions/44133536/is-it-safe-to-store-a-jwt-in-localstorage-with-reactjs – Robin Webb Apr 30 '19 at 11:16
1

Possible duplicate of [Is it safe to store a jwt in localStorage with reactjs?](https://stackoverflow.com/questions/44133536/is-it-safe-to-store-a-jwt-in-localstorage-with-reactjs) – Friso Hoekstra Apr 30 '19 at 11:24
I think cookies is better... – Ramesh Rajendran Apr 30 '19 at 11:34

Store token on local storage is good or bad?

0 Answers0