dotNet access and refresh tokens to be sent via a cookie
Hi, I'm new to dotNet and Identity framework. I'm currently building an API to be consumed by a SPA. All the auth endpoints are provided by the library, which is great. However, I'd like to evade storing access and refresh tokens in the browser in favour of http-only cookies.
Question: is it possible to easily configure my dotNet 8 application to not only send the tokens in the response body, but also in the cookie?
Cheers and thanks O(^_^)O
1 Reply
asked in many places, haven't gotten any answers, BUT
What I decided to do is store the tokens in localStorage (could do with the vue-query library only, BUT then users would get logged out on refresh)
... and I also implemented the /currentuser endpoint that returns the id and email of the currently logged in user