Store auth token in a cookie #42

hackerwins · 2022-08-12T04:58:46Z

Description:

Store auth token in a cookie.

We implemented the login in #31 but we store the auth token in localStorage.

Since localStorage can be referenced by JavaScript, storing the token in a cookie is recommended.

Let's store the auth token in a cookie.

Why:

chacha912 · 2023-01-04T06:12:37Z

There are additional considerations in this issue.

The current Dashboard network structure is as follows.
(ref: https://github.com/yorkie-team/dashboard#how-dashboard-works)

The auth token is transmitted as a cookie from the gRPC server. At this point, set the httpOnly and secure options.
The gRPC-web client checks that the cookie is transmitted correctly.
After checking that the cookie is set in the browser, Change the login status in the homepage header.

hackerwins added good first issue 🐤 Good for newcomers cleanup 🧹 Paying off technical debt labels Aug 12, 2022

cozitive mentioned this issue Jan 3, 2023

Moved auth token from localStorage to cookie #103

Closed

2 tasks

hackerwins removed the good first issue 🐤 Good for newcomers label Jan 4, 2023

hackerwins mentioned this issue Dec 13, 2023

Migrate RPC to ConnectRPC yorkie-team/yorkie#703

Merged

2 tasks

Provide feedback