I have a question about how to store the access tokens safely in a browser. Hope it is not out of topic
I’m using FastAPI’s tutorial on OAuth2 to implement a password based login system. Now if I want to integrate it with my frontend, I’m confused on where to store the access token.
This is purely for learning purposes but I don’t want to learn it the wrong way by lowering the bars of security.
My first guess is to use Local Storage but a few websites say that it is insecure. So what really is the good approach? Is there a good write-up on this topic that applies to the current state of technology (like no third party cookies, Firefox containers etc.).