You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am shifted to MERN stack from Next.js developer.
For implementing authentication in my web, I store accessToken in cookies (as usual) and also implemented refreshToken mechanism.
But I have doubt when all the structure and login system(even refreshToken) is depends on accessToken, which is stored in cookie so we can access it from every component of web application. but its also access by any user, that's the problem!
If I logged in my PC(desktop/laptop) and leave my PC and some other guy seat on my pc then he can easily get my token and use it in his own PC by paste my token in cookie storage(using developer tool).
So how you guys prevent from this?
The text was updated successfully, but these errors were encountered:
I am shifted to MERN stack from Next.js developer.
For implementing authentication in my web, I store accessToken in cookies (as usual) and also implemented refreshToken mechanism.
But I have doubt when all the structure and login system(even refreshToken) is depends on accessToken, which is stored in cookie so we can access it from every component of web application. but its also access by any user, that's the problem!
If I logged in my PC(desktop/laptop) and leave my PC and some other guy seat on my pc then he can easily get my token and use it in his own PC by paste my token in cookie storage(using developer tool).
So how you guys prevent from this?
The text was updated successfully, but these errors were encountered: