Everywhere you read that storing an access_token in the local storage is not good, but that you must use a secure and httponly cookie which is saver.
Now I have an acces_token in the cookie and I can post it to Laravel passport and then I receive the user data.
-
Login and after successfull login retieve access_token from laravel passport and store it in a secure and httponly cookie
-
Call to server, get cookie value (acces_token) and check acces_token and respons data from database
Is this the right way and do I always have to make a call to the server to receive the user data?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire