In this video I go through a few possibilities on how to use the JWT token.
If you enjoyed this video then check out The Complete Strapi Course on Udemy:
[ Link ]
JWT tokens are used for authentication with many APIs, and especially with headless CMSs (such as Strapi, Sanity, etc.).
I go through dangerous and safe ways to store the JWT when working with a "fat client" (e.g. a React app).
Let me know what you think in the comments!
These are DANGEROUS ways to store the JWT token:
[ Link ]
Storing your JWT token in the frontend is dangerous because if your site is subject to XSS (Cross-Site Scripting), a malicious script will have access to your token.
Ephemeral use example:
[ Link ]
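A sketch of the ephemeral approach next to a check for the dangerous one, added here as an example and not taken from the video or the course. The names `createSession`, `findJwtsInStorage` and `makeStorage` are illustrative, and the `{ jwt }` shape of the login response is an assumption.

```javascript
// Ephemeral use: the JWT lives in a closure variable and is never written to
// localStorage, sessionStorage or a script-readable cookie. It is gone on reload.
function createSession(fetchImpl) {
  let token = null;
  return {
    // Assumption: the login endpoint answers with JSON of the form { jwt: "..." }.
    async login(loginUrl, credentials) {
      const res = await fetchImpl(loginUrl, {
        method: "POST",
        headers: { "Content-Type": "application/json" },
        body: JSON.stringify(credentials),
      });
      if (!res.ok) throw new Error(`login failed: ${res.status}`);
      token = (await res.json()).jwt;
    },
    // Attach the token to one request.
    request(url, init = {}) {
      if (token === null) throw new Error("not authenticated");
      const headers = { ...(init.headers || {}), Authorization: `Bearer ${token}` };
      return fetchImpl(url, { ...init, headers });
    },
    logout() { token = null; },
  };
}

// A JWT is three base64url segments; its header encodes a JSON object, so it starts with "eyJ".
const JWT_SHAPE = /^eyJ[A-Za-z0-9_-]*\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/;

// Audit check: list the keys of a Web Storage object whose value looks like a JWT,
// stored either bare or as a string field of a JSON value.
function findJwtsInStorage(storage) {
  const hits = [];
  for (let i = 0; i < storage.length; i++) {
    const key = storage.key(i);
    const raw = storage.getItem(key);
    let candidates = [raw];
    try {
      const parsed = JSON.parse(raw);
      if (parsed && typeof parsed === "object") candidates = Object.values(parsed);
    } catch (_) { /* not JSON: test the raw string */ }
    if (candidates.some((v) => typeof v === "string" && JWT_SHAPE.test(v))) hits.push(key);
  }
  return hits;
}

// Constructed stand-in for localStorage so the check also runs outside a browser.
function makeStorage(entries) {
  const keys = Object.keys(entries);
  return { length: keys.length, key: (i) => keys[i], getItem: (k) => entries[k] };
}
```

In a browser, `findJwtsInStorage(localStorage)` and `findJwtsInStorage(sessionStorage)` should both return an empty array after login when the app keeps the token in memory only.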
The httpOnly example will be in an upcoming video. Make sure to subscribe to be notified when that comes out!
Put this into action in The Complete Strapi Course:
[ Link ]
![](https://i.ytimg.com/vi/894seNhONF8/maxresdefault.jpg)