foenix
TTCTheo's Typesafe Cult
•Created by gustagol on 12/7/2023 in #questions
Storing JWT refresh token in httpOnly cookie
Or just set access as httpOnly and do not expose refresh to client. It's enough to store it on server side if you are using NextAuth or similar library
18 replies